cvelistv5 - cve-2024-23672

CVE-2024-23672 (GCVE-0-2024-23672)

Vulnerability from cvelistv5

Published

2024-03-13 15:48

Modified

2025-08-07 11:10

Severity ?

CWE

CWE-459 - Incomplete Cleanup

Summary

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.

References

►

URL

	Vendor	Product	Version
	Apache Software Foundation	Apache Tomcat	Version: 11.0.0-M1 ≤ 11.0.0-M16 Version: 10.1.0-M1 ≤ 10.1.18 Version: 9.0.0-M1 ≤ 9.0.85 Version: 8.5.0 ≤ 8.5.98

fkie_cve-2024-23672

Vulnerability from fkie_nvd

Published

2024-03-13 16:15

Modified

2025-08-07 12:15

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Summary

References

URL	Tags
security@apache.org	https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/03/13/4	Mailing List
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UWIS5MMGYDZBLJYT674ZI5AWFHDZ46B/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/736G4GPZWS2DSQO5WKXO3G6OMZKFEK55/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20240402-0002/	Third Party Advisory

Impacted products

Vendor	Product	Version
apache	tomcat	*
apache	tomcat	*
apache	tomcat	*
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
apache	tomcat	11.0.0
debian	debian_linux	10.0
fedoraproject	fedora	39
fedoraproject	fedora	40

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E75E39D1-9AAE-4F50-9FA8-C1936AAFA896",
              "versionEndExcluding": "8.5.99",
              "versionStartIncluding": "8.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1B2F3FF-1EF4-43FB-896D-C975E058978D",
              "versionEndExcluding": "9.0.86",
              "versionStartIncluding": "9.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03C34A60-381C-4EBD-A116-B700BB41F751",
              "versionEndExcluding": "10.1.19",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone1:*:*:*:*:*:*",
              "matchCriteriaId": "D1AA7FF6-E8E7-4BF6-983E-0A99B0183008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone10:*:*:*:*:*:*",
              "matchCriteriaId": "57088BDD-A136-45EF-A8A1-2EBF79CEC2CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone11:*:*:*:*:*:*",
              "matchCriteriaId": "B32D1D7A-A04F-444E-8F45-BB9A9E4B0199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone12:*:*:*:*:*:*",
              "matchCriteriaId": "0092FB35-3B00-484F-A24D-7828396A4FF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone13:*:*:*:*:*:*",
              "matchCriteriaId": "CB557E88-FA9D-4B69-AA6F-EAEE7F9B01AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone14:*:*:*:*:*:*",
              "matchCriteriaId": "72D3C6F1-84FA-4F82-96C1-9A8DA1C1F30F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone15:*:*:*:*:*:*",
              "matchCriteriaId": "3521C81B-37D9-48FC-9540-D0D333B9A4A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone16:*:*:*:*:*:*",
              "matchCriteriaId": "02A84634-A8F2-4BA9-B9F3-BEF36AEC5480",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*",
              "matchCriteriaId": "2AAD52CE-94F5-4F98-A027-9A7E68818CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*",
              "matchCriteriaId": "F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*",
              "matchCriteriaId": "03A171AF-2EC8-4422-912C-547CDB58CAAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone5:*:*:*:*:*:*",
              "matchCriteriaId": "538E68C4-0BA4-495F-AEF8-4EF6EE7963CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone6:*:*:*:*:*:*",
              "matchCriteriaId": "49350A6E-5E1D-45B2-A874-3B8601B3ADCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone7:*:*:*:*:*:*",
              "matchCriteriaId": "5F50942F-DF54-46C0-8371-9A476DD3EEA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone8:*:*:*:*:*:*",
              "matchCriteriaId": "D12C2C95-B79F-4AA4-8CE3-99A3EE7991AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone9:*:*:*:*:*:*",
              "matchCriteriaId": "98792138-DD56-42DF-9612-3BDC65EEC117",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nOlder, EOL versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue."
    },
    {
      "lang": "es",
      "value": "Denegaci\u00f3n de servicio mediante vulnerabilidad de limpieza incompleta en Apache Tomcat. Los clientes de WebSocket pod\u00edan mantener abiertas las conexiones de WebSocket, lo que generaba un mayor consumo de recursos. Este problema afecta a Apache Tomcat: desde 11.0.0-M1 hasta 11.0.0-M16, desde 10.1.0-M1 hasta 10.1.18, desde 9.0. 0-M1 hasta 9.0.85, desde 8.5.0 hasta 8.5.98. Se recomienda a los usuarios actualizar a la versi\u00f3n 11.0.0-M17, 10.1.19, 9.0.86 u 8.5.99, que solucionan el problema."
    }
  ],
  "id": "CVE-2024-23672",
  "lastModified": "2025-08-07T12:15:27.837",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.4,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-03-13T16:15:29.287",
  "references": [
    {
      "source": "security@apache.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2024/03/13/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UWIS5MMGYDZBLJYT674ZI5AWFHDZ46B/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/736G4GPZWS2DSQO5WKXO3G6OMZKFEK55/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20240402-0002/"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-459"
        }
      ],
      "source": "security@apache.org",
      "type": "Secondary"
    }
  ]
}

ncsc-2024-0414

Vulnerability from csaf_ncscnl

Published

2024-10-17 13:17

Modified

2024-10-17 13:17

Summary

Kwetsbaarheden verholpen in Oracle Communications

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Denial-of-Service (DoS) - Manipuleren van gegevens - Uitvoer van willekeurige code (Gebruikersrechten) - Uitvoer van willekeurige code (Administratorrechten) - Toegang tot gevoelige gegevens

Oplossingen

Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-122

Heap-based Buffer Overflow

CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-20

Improper Input Validation

CWE-466

Return of Pointer Value Outside of Expected Range

CWE-606

Unchecked Input for Loop Condition

CWE-390

Detection of Error Condition Without Action

CWE-405

Asymmetric Resource Consumption (Amplification)

CWE-222

Truncation of Security-relevant Information

CWE-364

Signal Handler Race Condition

CWE-450

Multiple Interpretations of UI Input

CWE-130

Improper Handling of Length Parameter Inconsistency

CWE-772

Missing Release of Resource after Effective Lifetime

CWE-669

Incorrect Resource Transfer Between Spheres

CWE-126

Buffer Over-read

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CWE-349

Acceptance of Extraneous Untrusted Data With Trusted Data

CWE-755

Improper Handling of Exceptional Conditions

CWE-834

Excessive Iteration

CWE-407

Inefficient Algorithmic Complexity

CWE-754

Improper Check for Unusual or Exceptional Conditions

CWE-703

Improper Check or Handling of Exceptional Conditions

CWE-427

Uncontrolled Search Path Element

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

CWE-195

Signed to Unsigned Conversion Error

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-116

Improper Encoding or Escaping of Output

CWE-345

Insufficient Verification of Data Authenticity

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-190

Integer Overflow or Wraparound

CWE-61

UNIX Symbolic Link (Symlink) Following

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-125

Out-of-bounds Read

CWE-404

Improper Resource Shutdown or Release

CWE-284

Improper Access Control

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-416

Use After Free

CWE-401

Missing Release of Memory after Effective Lifetime

CWE-476

NULL Pointer Dereference

CWE-459

Incomplete Cleanup

CWE-94

Improper Control of Generation of Code ('Code Injection')

CWE-400

Uncontrolled Resource Consumption

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-248

Uncaught Exception

CWE-674

Uncontrolled Recursion

CWE-918

Server-Side Request Forgery (SSRF)

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-787

Out-of-bounds Write

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in diverse Communications producten en systemen.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van gegevens\n- Uitvoer van willekeurige code (Gebruikersrechten)\n- Uitvoer van willekeurige code (Administratorrechten)\n- Toegang tot gevoelige gegevens",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
        "title": "CWE-835"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Return of Pointer Value Outside of Expected Range",
        "title": "CWE-466"
      },
      {
        "category": "general",
        "text": "Unchecked Input for Loop Condition",
        "title": "CWE-606"
      },
      {
        "category": "general",
        "text": "Detection of Error Condition Without Action",
        "title": "CWE-390"
      },
      {
        "category": "general",
        "text": "Asymmetric Resource Consumption (Amplification)",
        "title": "CWE-405"
      },
      {
        "category": "general",
        "text": "Truncation of Security-relevant Information",
        "title": "CWE-222"
      },
      {
        "category": "general",
        "text": "Signal Handler Race Condition",
        "title": "CWE-364"
      },
      {
        "category": "general",
        "text": "Multiple Interpretations of UI Input",
        "title": "CWE-450"
      },
      {
        "category": "general",
        "text": "Improper Handling of Length Parameter Inconsistency",
        "title": "CWE-130"
      },
      {
        "category": "general",
        "text": "Missing Release of Resource after Effective Lifetime",
        "title": "CWE-772"
      },
      {
        "category": "general",
        "text": "Incorrect Resource Transfer Between Spheres",
        "title": "CWE-669"
      },
      {
        "category": "general",
        "text": "Buffer Over-read",
        "title": "CWE-126"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
        "title": "CWE-88"
      },
      {
        "category": "general",
        "text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
        "title": "CWE-349"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Excessive Iteration",
        "title": "CWE-834"
      },
      {
        "category": "general",
        "text": "Inefficient Algorithmic Complexity",
        "title": "CWE-407"
      },
      {
        "category": "general",
        "text": "Improper Check for Unusual or Exceptional Conditions",
        "title": "CWE-754"
      },
      {
        "category": "general",
        "text": "Improper Check or Handling of Exceptional Conditions",
        "title": "CWE-703"
      },
      {
        "category": "general",
        "text": "Uncontrolled Search Path Element",
        "title": "CWE-427"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Signed to Unsigned Conversion Error",
        "title": "CWE-195"
      },
      {
        "category": "general",
        "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
        "title": "CWE-444"
      },
      {
        "category": "general",
        "text": "Improper Encoding or Escaping of Output",
        "title": "CWE-116"
      },
      {
        "category": "general",
        "text": "Insufficient Verification of Data Authenticity",
        "title": "CWE-345"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
        "title": "CWE-77"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "UNIX Symbolic Link (Symlink) Following",
        "title": "CWE-61"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "Missing Release of Memory after Effective Lifetime",
        "title": "CWE-401"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Incomplete Cleanup",
        "title": "CWE-459"
      },
      {
        "category": "general",
        "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
        "title": "CWE-94"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Uncaught Exception",
        "title": "CWE-248"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
        "title": "CWE-78"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
        "url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Communications",
    "tracking": {
      "current_release_date": "2024-10-17T13:17:52.103171Z",
      "id": "NCSC-2024-0414",
      "initial_release_date": "2024-10-17T13:17:52.103171Z",
      "revision_history": [
        {
          "date": "2024-10-17T13:17:52.103171Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635313",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:10.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635305",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.11.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635311",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.11.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635312",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.11.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635323",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:12.6.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670430",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:14.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674632",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:14.0.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:14.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635320",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:17.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670439",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635322",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670429",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670435",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670431",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670436",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670432",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635321",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635310",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635318",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674640",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674642",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670434",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.1.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635316",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674639",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635314",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674638",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674637",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:24.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635306",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:4.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635307",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:4.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635317",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:46.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635319",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:46.6.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670438",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635324",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635315",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:5.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670433",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674641",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.0.1.10.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674636",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.1.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1670437",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.1.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674631",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.1.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1674634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.1.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635308",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications",
            "product": {
              "name": "communications",
              "product_id": "CSAFPID-1635309",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications:9.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications__10.4.0.4",
            "product": {
              "name": "communications__10.4.0.4",
              "product_id": "CSAFPID-1674629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications__10.4.0.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.2",
            "product": {
              "name": "communications___23.4.2",
              "product_id": "CSAFPID-1670442",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.3",
            "product": {
              "name": "communications___23.4.3",
              "product_id": "CSAFPID-1635325",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.4",
            "product": {
              "name": "communications___23.4.4",
              "product_id": "CSAFPID-1635326",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.5",
            "product": {
              "name": "communications___23.4.5",
              "product_id": "CSAFPID-1674645",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.5:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___23.4.6",
            "product": {
              "name": "communications___23.4.6",
              "product_id": "CSAFPID-1674646",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___23.4.6:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___24.2.0",
            "product": {
              "name": "communications___24.2.0",
              "product_id": "CSAFPID-1674644",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___24.2.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___7.2.1.0.0",
            "product": {
              "name": "communications___7.2.1.0.0",
              "product_id": "CSAFPID-1670441",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___7.2.1.0.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___8.6.0.6",
            "product": {
              "name": "communications___8.6.0.6",
              "product_id": "CSAFPID-1635327",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___8.6.0.6:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___8.6.0.8",
            "product": {
              "name": "communications___8.6.0.8",
              "product_id": "CSAFPID-1635328",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___8.6.0.8:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___9.0.2",
            "product": {
              "name": "communications___9.0.2",
              "product_id": "CSAFPID-1670440",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___9.0.2:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___9.0.3",
            "product": {
              "name": "communications___9.0.3",
              "product_id": "CSAFPID-1635329",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___9.0.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications___9.1.1.8.0",
            "product": {
              "name": "communications___9.1.1.8.0",
              "product_id": "CSAFPID-1674643",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications___9.1.1.8.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674621",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674618",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:6.0.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674619",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674622",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674617",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.4.3.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674623",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications",
            "product": {
              "name": "communications_applications",
              "product_id": "CSAFPID-1674620",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications:8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___12.0.6.0.0",
            "product": {
              "name": "communications_applications___12.0.6.0.0",
              "product_id": "CSAFPID-1674627",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___12.0.6.0.0:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___5.5.22",
            "product": {
              "name": "communications_applications___5.5.22",
              "product_id": "CSAFPID-1674626",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___5.5.22:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___6.0.3",
            "product": {
              "name": "communications_applications___6.0.3",
              "product_id": "CSAFPID-1674628",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___6.0.3:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___6.0.4",
            "product": {
              "name": "communications_applications___6.0.4",
              "product_id": "CSAFPID-1674624",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___6.0.4:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_applications___6.0.5",
            "product": {
              "name": "communications_applications___6.0.5",
              "product_id": "CSAFPID-1674625",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_applications___6.0.5:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_asap",
            "product": {
              "name": "communications_asap",
              "product_id": "CSAFPID-204629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_asap",
            "product": {
              "name": "communications_asap",
              "product_id": "CSAFPID-1673475",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_asap:7.4.3.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_asap",
            "product": {
              "name": "communications_asap",
              "product_id": "CSAFPID-816792",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-764735",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-1650734",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4.0-12.0.0.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-204639",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-204627",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-816793",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management",
            "product": {
              "name": "communications_billing_and_revenue_management",
              "product_id": "CSAFPID-912557",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:15.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_billing_and_revenue_management__-_elastic_charging_engine",
            "product": {
              "name": "communications_billing_and_revenue_management__-_elastic_charging_engine",
              "product_id": "CSAFPID-219835",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_billing_and_revenue_management__-_elastic_charging_engine:12.0.0.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-764247",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-209548",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3.0.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-209549",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:11.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-41194",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-1650820",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4-12.0.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-765241",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-209546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0.0.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-209550",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-498607",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:12:0.0.5.0:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_brm_-_elastic_charging_engine",
            "product": {
              "name": "communications_brm_-_elastic_charging_engine",
              "product_id": "CSAFPID-912556",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_brm_-_elastic_charging_engine:15.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_calendar_server",
            "product": {
              "name": "communications_calendar_server",
              "product_id": "CSAFPID-764736",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_calendar_server:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_calendar_server",
            "product": {
              "name": "communications_calendar_server",
              "product_id": "CSAFPID-220190",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_calendar_server:8.0.0.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_configuration_console",
            "product": {
              "name": "communications_cloud_native_configuration_console",
              "product_id": "CSAFPID-391501",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:22.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_configuration_console",
            "product": {
              "name": "communications_cloud_native_configuration_console",
              "product_id": "CSAFPID-440102",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_configuration_console:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-89545",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-180215",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-180197",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-220548",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-41516",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-41515",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-220057",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:22.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-220055",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-220909",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-816765",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-816766",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-816767",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1503577",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1673416",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1673516",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1673412",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_automated_test_suite",
            "product": {
              "name": "communications_cloud_native_core_automated_test_suite",
              "product_id": "CSAFPID-1673411",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:24.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-764237",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-2045",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.10.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-40612",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:1.11.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-608629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-93784",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1899",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-41111",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1685",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-493445",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-294401",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-220547",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-764824",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-220459",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-45184",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-45182",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-45181",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-611405",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.1.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-611403",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-611404",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1650752",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1673396",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0-23.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-912066",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_binding_support_function",
            "product": {
              "name": "communications_cloud_native_core_binding_support_function",
              "product_id": "CSAFPID-1503323",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_certificate_management",
            "product": {
              "name": "communications_cloud_native_core_certificate_management",
              "product_id": "CSAFPID-1673526",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_certificate_management",
            "product": {
              "name": "communications_cloud_native_core_certificate_management",
              "product_id": "CSAFPID-1673391",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_certificate_management",
            "product": {
              "name": "communications_cloud_native_core_certificate_management",
              "product_id": "CSAFPID-1673394",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_certificate_management:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-165550",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-93546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:1.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-180195",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-40299",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-187447",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-45186",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-45185",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-220559",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:22.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-220558",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-764238",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-764239",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-816768",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-816769",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-912085",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-1503578",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-1673389",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_console",
            "product": {
              "name": "communications_cloud_native_core_console",
              "product_id": "CSAFPID-1673390",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_console:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_dbtier",
            "product": {
              "name": "communications_cloud_native_core_dbtier",
              "product_id": "CSAFPID-1673421",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_dbtier",
            "product": {
              "name": "communications_cloud_native_core_dbtier",
              "product_id": "CSAFPID-1673420",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_dbtier:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-764825",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:22.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-816770",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-816771",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-912068",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_data_analytics_function",
            "product": {
              "name": "communications_cloud_native_core_network_data_analytics_function",
              "product_id": "CSAFPID-1503579",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_data_analytics_function:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-180201",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-1900",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-760687",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-40947",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-93635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-503534",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-90018",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-220327",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-94290",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-220325",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-614513",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-643776",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-816772",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-912076",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_exposure_function",
            "product": {
              "name": "communications_cloud_native_core_network_exposure_function",
              "product_id": "CSAFPID-1503580",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:23.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-40613",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-2044",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-40301",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-180194",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-449747",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-40298",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-223527",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-449746",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-503493",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-260394",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-219838",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-611387",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-618156",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-816773",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912101",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-1673473",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0-24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-1503581",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912539",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912540",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_install_upgrade___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912541",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_installation___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912542",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_obserability_services_overlay___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_function_cloud_native_environment",
            "product": {
              "name": "communications_cloud_native_core_network_function_cloud_native_environment",
              "product_id": "CSAFPID-912543",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:_observability_services_overlay___23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-40611",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-40609",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.15.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-180198",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-41112",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-41110",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-760688",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-493444",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-93633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-220056",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-223511",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:22.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-216017",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-220889",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-614516",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-816774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.1.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-220918",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-614515",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-614514",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-816346",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-912077",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-1503322",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-1673413",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-1673415",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-816775",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_repository_function",
            "product": {
              "name": "communications_cloud_native_core_network_repository_function",
              "product_id": "CSAFPID-912544",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:_install_upgrade___23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-40608",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-180199",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-41113",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-260395",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-260393",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:22.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816348",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-912545",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816347",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-1673494",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-1673501",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:24.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816776",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_network_slice_selection_function",
            "product": {
              "name": "communications_cloud_native_core_network_slice_selection_function",
              "product_id": "CSAFPID-816777",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:_install_upgrade___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-764240",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-220468",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.11.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-2310",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-93547",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-180200",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-180193",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1898",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-93636",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-90020",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-90015",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-220133",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1650751",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1673517",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-1673395",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0-23.4.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-912069",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_policy",
            "product": {
              "name": "communications_cloud_native_core_policy",
              "product_id": "CSAFPID-765371",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:all_supported_s:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-180216",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-180202",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-40300",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-93653",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-40949",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-642000",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-93634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-220561",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-90021",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-94292",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-218028",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-220881",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:22.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-94291",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-220910",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-220324",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-611401",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-816778",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-614517",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-912547",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-1673392",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-1503582",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-1673393",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_security_edge_protection_proxy",
            "product": {
              "name": "communications_cloud_native_core_security_edge_protection_proxy",
              "product_id": "CSAFPID-912546",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:_automated_test_suite___23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-40610",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.15.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-611587",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-642002",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-493443",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-642001",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-224796",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-224795",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-912548",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-912102",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-912549",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1503583",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1503584",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1503585",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_service_communication_proxy",
            "product": {
              "name": "communications_cloud_native_core_service_communication_proxy",
              "product_id": "CSAFPID-1672767",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-180217",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.15.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-180196",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-165576",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-40297",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-764899",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-589926",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-179780",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.2.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-40948",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-589925",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-179779",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.3.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-764826",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-90019",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:22.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-90016",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-220326",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-764241",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-912078",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-816349",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-912550",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1503586",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1503587",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:23.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-1673399",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_cloud_native_core_unified_data_repository",
            "product": {
              "name": "communications_cloud_native_core_unified_data_repository",
              "product_id": "CSAFPID-816779",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:_signaling___23.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_contacts_server",
            "product": {
              "name": "communications_contacts_server",
              "product_id": "CSAFPID-764737",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_contacts_server:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_contacts_server",
            "product": {
              "name": "communications_contacts_server",
              "product_id": "CSAFPID-224787",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_contacts_server",
            "product": {
              "name": "communications_contacts_server",
              "product_id": "CSAFPID-220189",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_contacts_server:8.0.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_application_server",
            "product": {
              "name": "communications_converged_application_server",
              "product_id": "CSAFPID-764827",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_application_server:7.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_application_server",
            "product": {
              "name": "communications_converged_application_server",
              "product_id": "CSAFPID-764828",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_application_server:8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_application_server_-_service_controller",
            "product": {
              "name": "communications_converged_application_server_-_service_controller",
              "product_id": "CSAFPID-764734",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_application_server_-_service_controller",
            "product": {
              "name": "communications_converged_application_server_-_service_controller",
              "product_id": "CSAFPID-426842",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_charging_system",
            "product": {
              "name": "communications_converged_charging_system",
              "product_id": "CSAFPID-1503599",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_converged_charging_system",
            "product": {
              "name": "communications_converged_charging_system",
              "product_id": "CSAFPID-1503600",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_converged_charging_system:2.0.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-345031",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-204635",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-764833",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-224793",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergence",
            "product": {
              "name": "communications_convergence",
              "product_id": "CSAFPID-816794",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergence:3.0.3.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-342793",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-1650777",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-1265",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-764248",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:12.0.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-816350",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_convergent_charging_controller",
            "product": {
              "name": "communications_convergent_charging_controller",
              "product_id": "CSAFPID-1261",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_convergent_charging_controller:6.0.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_core_session_manager",
            "product": {
              "name": "communications_core_session_manager",
              "product_id": "CSAFPID-110244",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_core_session_manager",
            "product": {
              "name": "communications_core_session_manager",
              "product_id": "CSAFPID-110242",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_core_session_manager",
            "product": {
              "name": "communications_core_session_manager",
              "product_id": "CSAFPID-93777",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_core_session_manager:8.45:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_core_session_manager",
            "product": {
              "name": "communications_core_session_manager",
              "product_id": "CSAFPID-1672764",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_core_session_manager:9.1.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_core_session_manager",
            "product": {
              "name": "communications_core_session_manager",
              "product_id": "CSAFPID-93772",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_core_session_manager:9.15:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_data_model",
            "product": {
              "name": "communications_data_model",
              "product_id": "CSAFPID-764902",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_data_model:12.2.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-765372",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-342799",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.3.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-704412",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-704411",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-165544",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-704410",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_design_studio",
            "product": {
              "name": "communications_design_studio",
              "product_id": "CSAFPID-41183",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_design_studio:7.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_intelligence_hub",
            "product": {
              "name": "communications_diameter_intelligence_hub",
              "product_id": "CSAFPID-342802",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_intelligence_hub",
            "product": {
              "name": "communications_diameter_intelligence_hub",
              "product_id": "CSAFPID-764829",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_intelligence_hub:8.2.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1503588",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1892",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1891",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1888",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1887",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1889",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1884",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1885",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1882",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1881",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4.0.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1883",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1879",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1880",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-40293",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1650826",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-1650830",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.6.0.4-8.6.0.8:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-611413",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-912551",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_patches___9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_diameter_signaling_router",
            "product": {
              "name": "communications_diameter_signaling_router",
              "product_id": "CSAFPID-912552",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_diameter_signaling_router:_platform___9.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_application_processor",
            "product": {
              "name": "communications_eagle_application_processor",
              "product_id": "CSAFPID-1673417",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_application_processor:17.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_application_processor",
            "product": {
              "name": "communications_eagle_application_processor",
              "product_id": "CSAFPID-765369",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_application_processor:all_supported_s:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_element_management_system",
            "product": {
              "name": "communications_eagle_element_management_system",
              "product_id": "CSAFPID-1503316",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_element_management_system",
            "product": {
              "name": "communications_eagle_element_management_system",
              "product_id": "CSAFPID-1503317",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_element_management_system",
            "product": {
              "name": "communications_eagle_element_management_system",
              "product_id": "CSAFPID-204528",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_element_management_system:46.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_ftp_table_base_retrieval",
            "product": {
              "name": "communications_eagle_ftp_table_base_retrieval",
              "product_id": "CSAFPID-204623",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_ftp_table_base_retrieval:4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_lnp_application_processor",
            "product": {
              "name": "communications_eagle_lnp_application_processor",
              "product_id": "CSAFPID-352633",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_lnp_application_processor",
            "product": {
              "name": "communications_eagle_lnp_application_processor",
              "product_id": "CSAFPID-352632",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_lnp_application_processor:10.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_software",
            "product": {
              "name": "communications_eagle_software",
              "product_id": "CSAFPID-765366",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_software:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_eagle_software",
            "product": {
              "name": "communications_eagle_software",
              "product_id": "CSAFPID-765365",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_eagle_software:46.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_elastic_charging_engine",
            "product": {
              "name": "communications_elastic_charging_engine",
              "product_id": "CSAFPID-764834",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_elastic_charging_engine:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-764242",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-204597",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-204580",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-9226",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-204589",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-9070",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-8845",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-204624",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-2286",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-204464",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:8.2.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-345038",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-93629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-611422",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-93630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_element_manager",
            "product": {
              "name": "communications_element_manager",
              "product_id": "CSAFPID-816780",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_element_manager:9.4.53:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_evolved_communications_application_server",
            "product": {
              "name": "communications_evolved_communications_application_server",
              "product_id": "CSAFPID-204645",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_evolved_communications_application_server:7.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_fraud_monitor",
            "product": {
              "name": "communications_fraud_monitor",
              "product_id": "CSAFPID-816781",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_fraud_monitor",
            "product": {
              "name": "communications_fraud_monitor",
              "product_id": "CSAFPID-816782",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_fraud_monitor",
            "product": {
              "name": "communications_fraud_monitor",
              "product_id": "CSAFPID-912553",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_fraud_monitor:5.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_instant_messaging_server",
            "product": {
              "name": "communications_instant_messaging_server",
              "product_id": "CSAFPID-207586",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_instant_messaging_server",
            "product": {
              "name": "communications_instant_messaging_server",
              "product_id": "CSAFPID-234306",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_instant_messaging_server",
            "product": {
              "name": "communications_instant_messaging_server",
              "product_id": "CSAFPID-219803",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_instant_messaging_server",
            "product": {
              "name": "communications_instant_messaging_server",
              "product_id": "CSAFPID-387664",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_instant_messaging_server:8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_interactive_session_recorder",
            "product": {
              "name": "communications_interactive_session_recorder",
              "product_id": "CSAFPID-1893",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_ip_service_activator",
            "product": {
              "name": "communications_ip_service_activator",
              "product_id": "CSAFPID-204622",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_ip_service_activator",
            "product": {
              "name": "communications_ip_service_activator",
              "product_id": "CSAFPID-219909",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_ip_service_activator:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_lsms",
            "product": {
              "name": "communications_lsms",
              "product_id": "CSAFPID-1673065",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_lsms:14.0.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_messaging_server",
            "product": {
              "name": "communications_messaging_server",
              "product_id": "CSAFPID-764835",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.20.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_messaging_server",
            "product": {
              "name": "communications_messaging_server",
              "product_id": "CSAFPID-375182",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.21.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_messaging_server",
            "product": {
              "name": "communications_messaging_server",
              "product_id": "CSAFPID-816351",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1.0.24.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_messaging_server",
            "product": {
              "name": "communications_messaging_server",
              "product_id": "CSAFPID-41182",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_messaging_server:8.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_metasolv_solution",
            "product": {
              "name": "communications_metasolv_solution",
              "product_id": "CSAFPID-611595",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_metasolv_solution",
            "product": {
              "name": "communications_metasolv_solution",
              "product_id": "CSAFPID-226017",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-220167",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816353",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-764243",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816352",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-1503589",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:23.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-1503590",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-1673414",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:24.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816783",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816786",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_general___23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816784",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816787",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_install_upgrade___23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816785",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.2.0.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_analytics_data_director",
            "product": {
              "name": "communications_network_analytics_data_director",
              "product_id": "CSAFPID-816788",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_analytics_data_director:_third_party___23.3.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-342803",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-1650778",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.1.0.0-12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-1266",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-764249",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:12.0.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-816354",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_charging_and_control",
            "product": {
              "name": "communications_network_charging_and_control",
              "product_id": "CSAFPID-204563",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_charging_and_control:6.0.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_integrity",
            "product": {
              "name": "communications_network_integrity",
              "product_id": "CSAFPID-220125",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_integrity",
            "product": {
              "name": "communications_network_integrity",
              "product_id": "CSAFPID-245244",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_integrity",
            "product": {
              "name": "communications_network_integrity",
              "product_id": "CSAFPID-219776",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_network_integrity",
            "product": {
              "name": "communications_network_integrity",
              "product_id": "CSAFPID-204554",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_network_integrity:7.3.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_offline_mediation_controller",
            "product": {
              "name": "communications_offline_mediation_controller",
              "product_id": "CSAFPID-765242",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_offline_mediation_controller:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-9489",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-110249",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-93781",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-220132",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_operations_monitor",
            "product": {
              "name": "communications_operations_monitor",
              "product_id": "CSAFPID-912079",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_operations_monitor:5.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-224791",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.3.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-219898",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-224790",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-221118",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-179774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_order_and_service_management",
            "product": {
              "name": "communications_order_and_service_management",
              "product_id": "CSAFPID-1673496",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_order_and_service_management:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_performance_intelligence",
            "product": {
              "name": "communications_performance_intelligence",
              "product_id": "CSAFPID-1503591",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_performance_intelligence:10.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_performance_intelligence_center",
            "product": {
              "name": "communications_performance_intelligence_center",
              "product_id": "CSAFPID-1673485",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center:prior_to_10.4.0.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_performance_intelligence_center__pic__software",
            "product": {
              "name": "communications_performance_intelligence_center__pic__software",
              "product_id": "CSAFPID-765367",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_performance_intelligence_center__pic__software",
            "product": {
              "name": "communications_performance_intelligence_center__pic__software",
              "product_id": "CSAFPID-765368",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_performance_intelligence_center__pic__software",
            "product": {
              "name": "communications_performance_intelligence_center__pic__software",
              "product_id": "CSAFPID-764830",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_performance_intelligence_center__pic__software:10.4.0.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-573035",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:12.5.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-45192",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-611406",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-816789",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:12.6.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_policy_management",
            "product": {
              "name": "communications_policy_management",
              "product_id": "CSAFPID-816790",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_policy_management:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_pricing_design_center",
            "product": {
              "name": "communications_pricing_design_center",
              "product_id": "CSAFPID-764738",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_pricing_design_center",
            "product": {
              "name": "communications_pricing_design_center",
              "product_id": "CSAFPID-204595",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_pricing_design_center",
            "product": {
              "name": "communications_pricing_design_center",
              "product_id": "CSAFPID-204590",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_pricing_design_center",
            "product": {
              "name": "communications_pricing_design_center",
              "product_id": "CSAFPID-816355",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_pricing_design_center:15.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-1503601",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816359",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816358",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816357",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:7.4.2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-912558",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-1503602",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816795",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.0.7.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816796",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.1.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_service_catalog_and_design",
            "product": {
              "name": "communications_service_catalog_and_design",
              "product_id": "CSAFPID-816797",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_service_catalog_and_design:_psr_designer___7.4.2.8.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_services_gatekeeper",
            "product": {
              "name": "communications_services_gatekeeper",
              "product_id": "CSAFPID-608630",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_services_gatekeeper:7.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503592",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503593",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:4.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-40294",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-40292",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1672762",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-40291",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503594",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_border_controller",
            "product": {
              "name": "communications_session_border_controller",
              "product_id": "CSAFPID-1503595",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_border_controller:9.3.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-342804",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-704413",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2296",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-166028",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2294",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2292",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2290",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2288",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2282",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2285",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-2279",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-204634",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:8.2.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-345039",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-93628",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-611423",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-93631",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_report_manager",
            "product": {
              "name": "communications_session_report_manager",
              "product_id": "CSAFPID-816791",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_report_manager:9.4.53:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-342805",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-704414",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:-:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-166027",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2295",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2293",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2289",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2291",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2287",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2283",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2284",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2280",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-2281",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-220414",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_route_manager",
            "product": {
              "name": "communications_session_route_manager",
              "product_id": "CSAFPID-204607",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_route_manager:8.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_router",
            "product": {
              "name": "communications_session_router",
              "product_id": "CSAFPID-764780",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_router:9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_session_router",
            "product": {
              "name": "communications_session_router",
              "product_id": "CSAFPID-764781",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_session_router:9.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_subscriber-aware_load_balancer",
            "product": {
              "name": "communications_subscriber-aware_load_balancer",
              "product_id": "CSAFPID-93775",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_subscriber-aware_load_balancer",
            "product": {
              "name": "communications_subscriber-aware_load_balancer",
              "product_id": "CSAFPID-93774",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:9.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-240600",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673382",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0-5.5.22:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-78764",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-78763",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.10:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673070",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:5.5.22:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673381",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1650731",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673530",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0-6.0.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-764901",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-78762",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-78761",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-614089",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_assurance",
            "product": {
              "name": "communications_unified_assurance",
              "product_id": "CSAFPID-1673068",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_assurance:6.0.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-764739",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-204614",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.3.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-8984",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-204510",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-204569",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-219826",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_inventory_management",
            "product": {
              "name": "communications_unified_inventory_management",
              "product_id": "CSAFPID-912073",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_inventory_management:7.5.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_session_manager",
            "product": {
              "name": "communications_unified_session_manager",
              "product_id": "CSAFPID-110243",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_unified_session_manager",
            "product": {
              "name": "communications_unified_session_manager",
              "product_id": "CSAFPID-205759",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_unified_session_manager:8.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1503596",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1503597",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1503598",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.11.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-764900",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-76994",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-568240",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-764782",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-355340",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:12.6.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-912080",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_user_data_repository",
            "product": {
              "name": "communications_user_data_repository",
              "product_id": "CSAFPID-1673481",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_user_data_repository:14.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_webrtc_session_controller",
            "product": {
              "name": "communications_webrtc_session_controller",
              "product_id": "CSAFPID-912554",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_webrtc_session_controller",
            "product": {
              "name": "communications_webrtc_session_controller",
              "product_id": "CSAFPID-611408",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_webrtc_session_controller",
            "product": {
              "name": "communications_webrtc_session_controller",
              "product_id": "CSAFPID-703515",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_webrtc_session_controller",
            "product": {
              "name": "communications_webrtc_session_controller",
              "product_id": "CSAFPID-611407",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1.0.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_webrtc_session_controller",
            "product": {
              "name": "communications_webrtc_session_controller",
              "product_id": "CSAFPID-204456",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-37137",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-41182",
          "CSAFPID-209546",
          "CSAFPID-40608",
          "CSAFPID-180216",
          "CSAFPID-93547",
          "CSAFPID-180217",
          "CSAFPID-2310",
          "CSAFPID-40612",
          "CSAFPID-391501",
          "CSAFPID-440102",
          "CSAFPID-41516",
          "CSAFPID-41515",
          "CSAFPID-764237",
          "CSAFPID-45182",
          "CSAFPID-45181",
          "CSAFPID-45186",
          "CSAFPID-45185",
          "CSAFPID-90018",
          "CSAFPID-94290",
          "CSAFPID-260394",
          "CSAFPID-216017",
          "CSAFPID-764240",
          "CSAFPID-90021",
          "CSAFPID-94292",
          "CSAFPID-218028",
          "CSAFPID-94291",
          "CSAFPID-493443",
          "CSAFPID-224796",
          "CSAFPID-90019",
          "CSAFPID-90016",
          "CSAFPID-93777",
          "CSAFPID-93772",
          "CSAFPID-40293",
          "CSAFPID-345038",
          "CSAFPID-93629",
          "CSAFPID-93781",
          "CSAFPID-45192",
          "CSAFPID-608630",
          "CSAFPID-40292",
          "CSAFPID-40291",
          "CSAFPID-345039",
          "CSAFPID-93628",
          "CSAFPID-764780",
          "CSAFPID-764781",
          "CSAFPID-93775",
          "CSAFPID-93774",
          "CSAFPID-764782",
          "CSAFPID-342793",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-342803",
          "CSAFPID-204563",
          "CSAFPID-221118",
          "CSAFPID-240600",
          "CSAFPID-8984",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-1899",
          "CSAFPID-41111",
          "CSAFPID-40299",
          "CSAFPID-187447",
          "CSAFPID-1900",
          "CSAFPID-40301",
          "CSAFPID-180194",
          "CSAFPID-40298",
          "CSAFPID-41112",
          "CSAFPID-41110",
          "CSAFPID-41113",
          "CSAFPID-180193",
          "CSAFPID-1898",
          "CSAFPID-40300",
          "CSAFPID-611587",
          "CSAFPID-40297",
          "CSAFPID-110244",
          "CSAFPID-110242",
          "CSAFPID-9489",
          "CSAFPID-110249",
          "CSAFPID-40294",
          "CSAFPID-110243",
          "CSAFPID-204629",
          "CSAFPID-765241",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-41183",
          "CSAFPID-207586",
          "CSAFPID-765242",
          "CSAFPID-205759",
          "CSAFPID-1893",
          "CSAFPID-765365",
          "CSAFPID-765366",
          "CSAFPID-342804",
          "CSAFPID-342805",
          "CSAFPID-204456",
          "CSAFPID-1882",
          "CSAFPID-573035",
          "CSAFPID-204645",
          "CSAFPID-765367",
          "CSAFPID-765368",
          "CSAFPID-764242",
          "CSAFPID-76994",
          "CSAFPID-204623",
          "CSAFPID-352633",
          "CSAFPID-352632",
          "CSAFPID-765369",
          "CSAFPID-204528",
          "CSAFPID-342802",
          "CSAFPID-40610",
          "CSAFPID-40611",
          "CSAFPID-40609",
          "CSAFPID-180198",
          "CSAFPID-180196",
          "CSAFPID-180201",
          "CSAFPID-180202",
          "CSAFPID-40613",
          "CSAFPID-180199",
          "CSAFPID-93546",
          "CSAFPID-180195",
          "CSAFPID-180200",
          "CSAFPID-765371",
          "CSAFPID-89545",
          "CSAFPID-180215",
          "CSAFPID-180197",
          "CSAFPID-204639",
          "CSAFPID-204627",
          "CSAFPID-226017",
          "CSAFPID-219898",
          "CSAFPID-179774",
          "CSAFPID-342799",
          "CSAFPID-765372",
          "CSAFPID-220125",
          "CSAFPID-245244",
          "CSAFPID-204554",
          "CSAFPID-764739",
          "CSAFPID-204614",
          "CSAFPID-345031",
          "CSAFPID-204635",
          "CSAFPID-204595",
          "CSAFPID-204590",
          "CSAFPID-224787",
          "CSAFPID-1673381",
          "CSAFPID-1673382",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-37137",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37137.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-41182",
            "CSAFPID-209546",
            "CSAFPID-40608",
            "CSAFPID-180216",
            "CSAFPID-93547",
            "CSAFPID-180217",
            "CSAFPID-2310",
            "CSAFPID-40612",
            "CSAFPID-391501",
            "CSAFPID-440102",
            "CSAFPID-41516",
            "CSAFPID-41515",
            "CSAFPID-764237",
            "CSAFPID-45182",
            "CSAFPID-45181",
            "CSAFPID-45186",
            "CSAFPID-45185",
            "CSAFPID-90018",
            "CSAFPID-94290",
            "CSAFPID-260394",
            "CSAFPID-216017",
            "CSAFPID-764240",
            "CSAFPID-90021",
            "CSAFPID-94292",
            "CSAFPID-218028",
            "CSAFPID-94291",
            "CSAFPID-493443",
            "CSAFPID-224796",
            "CSAFPID-90019",
            "CSAFPID-90016",
            "CSAFPID-93777",
            "CSAFPID-93772",
            "CSAFPID-40293",
            "CSAFPID-345038",
            "CSAFPID-93629",
            "CSAFPID-93781",
            "CSAFPID-45192",
            "CSAFPID-608630",
            "CSAFPID-40292",
            "CSAFPID-40291",
            "CSAFPID-345039",
            "CSAFPID-93628",
            "CSAFPID-764780",
            "CSAFPID-764781",
            "CSAFPID-93775",
            "CSAFPID-93774",
            "CSAFPID-764782",
            "CSAFPID-342793",
            "CSAFPID-1261",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-342803",
            "CSAFPID-204563",
            "CSAFPID-221118",
            "CSAFPID-240600",
            "CSAFPID-8984",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-1899",
            "CSAFPID-41111",
            "CSAFPID-40299",
            "CSAFPID-187447",
            "CSAFPID-1900",
            "CSAFPID-40301",
            "CSAFPID-180194",
            "CSAFPID-40298",
            "CSAFPID-41112",
            "CSAFPID-41110",
            "CSAFPID-41113",
            "CSAFPID-180193",
            "CSAFPID-1898",
            "CSAFPID-40300",
            "CSAFPID-611587",
            "CSAFPID-40297",
            "CSAFPID-110244",
            "CSAFPID-110242",
            "CSAFPID-9489",
            "CSAFPID-110249",
            "CSAFPID-40294",
            "CSAFPID-110243",
            "CSAFPID-204629",
            "CSAFPID-765241",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-41183",
            "CSAFPID-207586",
            "CSAFPID-765242",
            "CSAFPID-205759",
            "CSAFPID-1893",
            "CSAFPID-765365",
            "CSAFPID-765366",
            "CSAFPID-342804",
            "CSAFPID-342805",
            "CSAFPID-204456",
            "CSAFPID-1882",
            "CSAFPID-573035",
            "CSAFPID-204645",
            "CSAFPID-765367",
            "CSAFPID-765368",
            "CSAFPID-764242",
            "CSAFPID-76994",
            "CSAFPID-204623",
            "CSAFPID-352633",
            "CSAFPID-352632",
            "CSAFPID-765369",
            "CSAFPID-204528",
            "CSAFPID-342802",
            "CSAFPID-40610",
            "CSAFPID-40611",
            "CSAFPID-40609",
            "CSAFPID-180198",
            "CSAFPID-180196",
            "CSAFPID-180201",
            "CSAFPID-180202",
            "CSAFPID-40613",
            "CSAFPID-180199",
            "CSAFPID-93546",
            "CSAFPID-180195",
            "CSAFPID-180200",
            "CSAFPID-765371",
            "CSAFPID-89545",
            "CSAFPID-180215",
            "CSAFPID-180197",
            "CSAFPID-204639",
            "CSAFPID-204627",
            "CSAFPID-226017",
            "CSAFPID-219898",
            "CSAFPID-179774",
            "CSAFPID-342799",
            "CSAFPID-765372",
            "CSAFPID-220125",
            "CSAFPID-245244",
            "CSAFPID-204554",
            "CSAFPID-764739",
            "CSAFPID-204614",
            "CSAFPID-345031",
            "CSAFPID-204635",
            "CSAFPID-204595",
            "CSAFPID-204590",
            "CSAFPID-224787",
            "CSAFPID-1673381",
            "CSAFPID-1673382",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628"
          ]
        }
      ],
      "title": "CVE-2021-37137"
    },
    {
      "cve": "CVE-2022-2068",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
          "title": "CWE-77"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-40949",
          "CSAFPID-391501",
          "CSAFPID-440102",
          "CSAFPID-41516",
          "CSAFPID-41515",
          "CSAFPID-764237",
          "CSAFPID-45182",
          "CSAFPID-45181",
          "CSAFPID-45186",
          "CSAFPID-45185",
          "CSAFPID-90018",
          "CSAFPID-94290",
          "CSAFPID-260394",
          "CSAFPID-216017",
          "CSAFPID-764240",
          "CSAFPID-90021",
          "CSAFPID-94292",
          "CSAFPID-218028",
          "CSAFPID-94291",
          "CSAFPID-493443",
          "CSAFPID-224796",
          "CSAFPID-90019",
          "CSAFPID-90016",
          "CSAFPID-93777",
          "CSAFPID-93772",
          "CSAFPID-40293",
          "CSAFPID-345038",
          "CSAFPID-93629",
          "CSAFPID-93781",
          "CSAFPID-45192",
          "CSAFPID-608630",
          "CSAFPID-40292",
          "CSAFPID-40291",
          "CSAFPID-345039",
          "CSAFPID-93628",
          "CSAFPID-764780",
          "CSAFPID-764781",
          "CSAFPID-93775",
          "CSAFPID-93774",
          "CSAFPID-764782",
          "CSAFPID-342793",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-342803",
          "CSAFPID-204563",
          "CSAFPID-221118",
          "CSAFPID-240600",
          "CSAFPID-8984",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-40294",
          "CSAFPID-93631",
          "CSAFPID-764900",
          "CSAFPID-568240",
          "CSAFPID-355340",
          "CSAFPID-703515",
          "CSAFPID-204456",
          "CSAFPID-764735",
          "CSAFPID-204635",
          "CSAFPID-41183",
          "CSAFPID-234306",
          "CSAFPID-41182",
          "CSAFPID-226017",
          "CSAFPID-219898",
          "CSAFPID-179774",
          "CSAFPID-764738",
          "CSAFPID-764901",
          "CSAFPID-764902",
          "CSAFPID-220547",
          "CSAFPID-187447",
          "CSAFPID-760687",
          "CSAFPID-40947",
          "CSAFPID-2044",
          "CSAFPID-449747",
          "CSAFPID-40301",
          "CSAFPID-449746",
          "CSAFPID-40298",
          "CSAFPID-223527",
          "CSAFPID-760688",
          "CSAFPID-93636",
          "CSAFPID-40300",
          "CSAFPID-93653",
          "CSAFPID-642000",
          "CSAFPID-642002",
          "CSAFPID-642001",
          "CSAFPID-165576",
          "CSAFPID-764899",
          "CSAFPID-40948",
          "CSAFPID-426842",
          "CSAFPID-93630",
          "CSAFPID-204645",
          "CSAFPID-1893",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-2068",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2068.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40949",
            "CSAFPID-391501",
            "CSAFPID-440102",
            "CSAFPID-41516",
            "CSAFPID-41515",
            "CSAFPID-764237",
            "CSAFPID-45182",
            "CSAFPID-45181",
            "CSAFPID-45186",
            "CSAFPID-45185",
            "CSAFPID-90018",
            "CSAFPID-94290",
            "CSAFPID-260394",
            "CSAFPID-216017",
            "CSAFPID-764240",
            "CSAFPID-90021",
            "CSAFPID-94292",
            "CSAFPID-218028",
            "CSAFPID-94291",
            "CSAFPID-493443",
            "CSAFPID-224796",
            "CSAFPID-90019",
            "CSAFPID-90016",
            "CSAFPID-93777",
            "CSAFPID-93772",
            "CSAFPID-40293",
            "CSAFPID-345038",
            "CSAFPID-93629",
            "CSAFPID-93781",
            "CSAFPID-45192",
            "CSAFPID-608630",
            "CSAFPID-40292",
            "CSAFPID-40291",
            "CSAFPID-345039",
            "CSAFPID-93628",
            "CSAFPID-764780",
            "CSAFPID-764781",
            "CSAFPID-93775",
            "CSAFPID-93774",
            "CSAFPID-764782",
            "CSAFPID-342793",
            "CSAFPID-1261",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-342803",
            "CSAFPID-204563",
            "CSAFPID-221118",
            "CSAFPID-240600",
            "CSAFPID-8984",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-40294",
            "CSAFPID-93631",
            "CSAFPID-764900",
            "CSAFPID-568240",
            "CSAFPID-355340",
            "CSAFPID-703515",
            "CSAFPID-204456",
            "CSAFPID-764735",
            "CSAFPID-204635",
            "CSAFPID-41183",
            "CSAFPID-234306",
            "CSAFPID-41182",
            "CSAFPID-226017",
            "CSAFPID-219898",
            "CSAFPID-179774",
            "CSAFPID-764738",
            "CSAFPID-764901",
            "CSAFPID-764902",
            "CSAFPID-220547",
            "CSAFPID-187447",
            "CSAFPID-760687",
            "CSAFPID-40947",
            "CSAFPID-2044",
            "CSAFPID-449747",
            "CSAFPID-40301",
            "CSAFPID-449746",
            "CSAFPID-40298",
            "CSAFPID-223527",
            "CSAFPID-760688",
            "CSAFPID-93636",
            "CSAFPID-40300",
            "CSAFPID-93653",
            "CSAFPID-642000",
            "CSAFPID-642002",
            "CSAFPID-642001",
            "CSAFPID-165576",
            "CSAFPID-764899",
            "CSAFPID-40948",
            "CSAFPID-426842",
            "CSAFPID-93630",
            "CSAFPID-204645",
            "CSAFPID-1893",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-2601",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-2601",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-2601.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2022-2601"
    },
    {
      "cve": "CVE-2022-23437",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-204629",
          "CSAFPID-704410",
          "CSAFPID-704411",
          "CSAFPID-704412",
          "CSAFPID-226017",
          "CSAFPID-179774",
          "CSAFPID-219898",
          "CSAFPID-219826",
          "CSAFPID-204569",
          "CSAFPID-204510",
          "CSAFPID-220057",
          "CSAFPID-220055",
          "CSAFPID-220909",
          "CSAFPID-45184",
          "CSAFPID-45182",
          "CSAFPID-220559",
          "CSAFPID-220558",
          "CSAFPID-220327",
          "CSAFPID-220325",
          "CSAFPID-219838",
          "CSAFPID-220056",
          "CSAFPID-223511",
          "CSAFPID-216017",
          "CSAFPID-220889",
          "CSAFPID-220918",
          "CSAFPID-90020",
          "CSAFPID-90015",
          "CSAFPID-220133",
          "CSAFPID-220561",
          "CSAFPID-90021",
          "CSAFPID-220881",
          "CSAFPID-94291",
          "CSAFPID-220910",
          "CSAFPID-220324",
          "CSAFPID-224796",
          "CSAFPID-224795",
          "CSAFPID-220326",
          "CSAFPID-764734",
          "CSAFPID-40293",
          "CSAFPID-220167",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764736",
          "CSAFPID-764737",
          "CSAFPID-224793",
          "CSAFPID-342793",
          "CSAFPID-1265",
          "CSAFPID-219803",
          "CSAFPID-375182",
          "CSAFPID-342803",
          "CSAFPID-1266",
          "CSAFPID-219776",
          "CSAFPID-224791",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-764738",
          "CSAFPID-240600",
          "CSAFPID-764739",
          "CSAFPID-391501",
          "CSAFPID-440102",
          "CSAFPID-41516",
          "CSAFPID-41515",
          "CSAFPID-764237",
          "CSAFPID-45181",
          "CSAFPID-45186",
          "CSAFPID-45185",
          "CSAFPID-90018",
          "CSAFPID-94290",
          "CSAFPID-260394",
          "CSAFPID-764240",
          "CSAFPID-94292",
          "CSAFPID-218028",
          "CSAFPID-493443",
          "CSAFPID-90019",
          "CSAFPID-90016",
          "CSAFPID-93777",
          "CSAFPID-93772",
          "CSAFPID-345038",
          "CSAFPID-93629",
          "CSAFPID-45192",
          "CSAFPID-608630",
          "CSAFPID-40292",
          "CSAFPID-40291",
          "CSAFPID-345039",
          "CSAFPID-93628",
          "CSAFPID-764780",
          "CSAFPID-764781",
          "CSAFPID-93775",
          "CSAFPID-93774",
          "CSAFPID-764782",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-204563",
          "CSAFPID-8984",
          "CSAFPID-220548",
          "CSAFPID-608629",
          "CSAFPID-93784",
          "CSAFPID-41111",
          "CSAFPID-1685",
          "CSAFPID-493445",
          "CSAFPID-294401",
          "CSAFPID-220547",
          "CSAFPID-764824",
          "CSAFPID-220459",
          "CSAFPID-764825",
          "CSAFPID-93635",
          "CSAFPID-503534",
          "CSAFPID-503493",
          "CSAFPID-493444",
          "CSAFPID-93633",
          "CSAFPID-260395",
          "CSAFPID-260393",
          "CSAFPID-220468",
          "CSAFPID-93636",
          "CSAFPID-93634",
          "CSAFPID-589926",
          "CSAFPID-179780",
          "CSAFPID-589925",
          "CSAFPID-179779",
          "CSAFPID-764826",
          "CSAFPID-764827",
          "CSAFPID-764828",
          "CSAFPID-764829",
          "CSAFPID-764830",
          "CSAFPID-220190",
          "CSAFPID-220189",
          "CSAFPID-764833",
          "CSAFPID-41183",
          "CSAFPID-764834",
          "CSAFPID-234306",
          "CSAFPID-764835",
          "CSAFPID-187447",
          "CSAFPID-760687",
          "CSAFPID-40947",
          "CSAFPID-2044",
          "CSAFPID-449747",
          "CSAFPID-40301",
          "CSAFPID-449746",
          "CSAFPID-40298",
          "CSAFPID-223527",
          "CSAFPID-760688",
          "CSAFPID-40300",
          "CSAFPID-93653",
          "CSAFPID-40949",
          "CSAFPID-642000",
          "CSAFPID-642002",
          "CSAFPID-642001",
          "CSAFPID-165576",
          "CSAFPID-764899",
          "CSAFPID-40948",
          "CSAFPID-426842",
          "CSAFPID-93630",
          "CSAFPID-204645",
          "CSAFPID-1893",
          "CSAFPID-40294",
          "CSAFPID-93631",
          "CSAFPID-764900",
          "CSAFPID-568240",
          "CSAFPID-355340",
          "CSAFPID-703515",
          "CSAFPID-204456",
          "CSAFPID-204635",
          "CSAFPID-41182",
          "CSAFPID-764901",
          "CSAFPID-764902",
          "CSAFPID-1899",
          "CSAFPID-40299",
          "CSAFPID-1900",
          "CSAFPID-180194",
          "CSAFPID-41112",
          "CSAFPID-41110",
          "CSAFPID-41113",
          "CSAFPID-180193",
          "CSAFPID-1898",
          "CSAFPID-611587",
          "CSAFPID-40297",
          "CSAFPID-110244",
          "CSAFPID-110242",
          "CSAFPID-9489",
          "CSAFPID-110249",
          "CSAFPID-110243",
          "CSAFPID-765241",
          "CSAFPID-209546",
          "CSAFPID-207586",
          "CSAFPID-765242",
          "CSAFPID-205759",
          "CSAFPID-765365",
          "CSAFPID-765366",
          "CSAFPID-342804",
          "CSAFPID-342805",
          "CSAFPID-1882",
          "CSAFPID-573035",
          "CSAFPID-765367",
          "CSAFPID-765368",
          "CSAFPID-764242",
          "CSAFPID-76994",
          "CSAFPID-204623",
          "CSAFPID-352633",
          "CSAFPID-352632",
          "CSAFPID-765369",
          "CSAFPID-204528",
          "CSAFPID-342802",
          "CSAFPID-40610",
          "CSAFPID-40611",
          "CSAFPID-40609",
          "CSAFPID-180198",
          "CSAFPID-180217",
          "CSAFPID-180196",
          "CSAFPID-40612",
          "CSAFPID-180201",
          "CSAFPID-180216",
          "CSAFPID-180202",
          "CSAFPID-40613",
          "CSAFPID-40608",
          "CSAFPID-180199",
          "CSAFPID-93546",
          "CSAFPID-180195",
          "CSAFPID-2310",
          "CSAFPID-93547",
          "CSAFPID-180200",
          "CSAFPID-765371",
          "CSAFPID-89545",
          "CSAFPID-180215",
          "CSAFPID-180197",
          "CSAFPID-204639",
          "CSAFPID-204627",
          "CSAFPID-342799",
          "CSAFPID-765372",
          "CSAFPID-220125",
          "CSAFPID-245244",
          "CSAFPID-204554",
          "CSAFPID-204614",
          "CSAFPID-345031",
          "CSAFPID-204595",
          "CSAFPID-204590",
          "CSAFPID-224787",
          "CSAFPID-1673065",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-23437",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-23437.json"
        }
      ],
      "title": "CVE-2022-23437"
    },
    {
      "cve": "CVE-2022-36760",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220057",
          "CSAFPID-220055",
          "CSAFPID-220909",
          "CSAFPID-45184",
          "CSAFPID-45182",
          "CSAFPID-220559",
          "CSAFPID-220558",
          "CSAFPID-220327",
          "CSAFPID-220325",
          "CSAFPID-219838",
          "CSAFPID-220056",
          "CSAFPID-223511",
          "CSAFPID-216017",
          "CSAFPID-220889",
          "CSAFPID-220918",
          "CSAFPID-90020",
          "CSAFPID-90015",
          "CSAFPID-220133",
          "CSAFPID-220561",
          "CSAFPID-90021",
          "CSAFPID-220881",
          "CSAFPID-94291",
          "CSAFPID-220910",
          "CSAFPID-220324",
          "CSAFPID-224796",
          "CSAFPID-224795",
          "CSAFPID-220326",
          "CSAFPID-764734",
          "CSAFPID-40293",
          "CSAFPID-220167",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764736",
          "CSAFPID-764737",
          "CSAFPID-224793",
          "CSAFPID-342793",
          "CSAFPID-1265",
          "CSAFPID-704412",
          "CSAFPID-704411",
          "CSAFPID-704410",
          "CSAFPID-219803",
          "CSAFPID-375182",
          "CSAFPID-342803",
          "CSAFPID-1266",
          "CSAFPID-219776",
          "CSAFPID-224791",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-764738",
          "CSAFPID-240600",
          "CSAFPID-764739",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-391501",
          "CSAFPID-440102",
          "CSAFPID-41516",
          "CSAFPID-41515",
          "CSAFPID-764237",
          "CSAFPID-45181",
          "CSAFPID-45186",
          "CSAFPID-45185",
          "CSAFPID-90018",
          "CSAFPID-94290",
          "CSAFPID-260394",
          "CSAFPID-764240",
          "CSAFPID-94292",
          "CSAFPID-218028",
          "CSAFPID-493443",
          "CSAFPID-90019",
          "CSAFPID-90016",
          "CSAFPID-93777",
          "CSAFPID-93772",
          "CSAFPID-345038",
          "CSAFPID-93629",
          "CSAFPID-45192",
          "CSAFPID-608630",
          "CSAFPID-40292",
          "CSAFPID-40291",
          "CSAFPID-345039",
          "CSAFPID-93628",
          "CSAFPID-764780",
          "CSAFPID-764781",
          "CSAFPID-93775",
          "CSAFPID-93774",
          "CSAFPID-764782",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-204563",
          "CSAFPID-8984",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-36760",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36760.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220057",
            "CSAFPID-220055",
            "CSAFPID-220909",
            "CSAFPID-45184",
            "CSAFPID-45182",
            "CSAFPID-220559",
            "CSAFPID-220558",
            "CSAFPID-220327",
            "CSAFPID-220325",
            "CSAFPID-219838",
            "CSAFPID-220056",
            "CSAFPID-223511",
            "CSAFPID-216017",
            "CSAFPID-220889",
            "CSAFPID-220918",
            "CSAFPID-90020",
            "CSAFPID-90015",
            "CSAFPID-220133",
            "CSAFPID-220561",
            "CSAFPID-90021",
            "CSAFPID-220881",
            "CSAFPID-94291",
            "CSAFPID-220910",
            "CSAFPID-220324",
            "CSAFPID-224796",
            "CSAFPID-224795",
            "CSAFPID-220326",
            "CSAFPID-764734",
            "CSAFPID-40293",
            "CSAFPID-220167",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764736",
            "CSAFPID-764737",
            "CSAFPID-224793",
            "CSAFPID-342793",
            "CSAFPID-1265",
            "CSAFPID-704412",
            "CSAFPID-704411",
            "CSAFPID-704410",
            "CSAFPID-219803",
            "CSAFPID-375182",
            "CSAFPID-342803",
            "CSAFPID-1266",
            "CSAFPID-219776",
            "CSAFPID-224791",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-764738",
            "CSAFPID-240600",
            "CSAFPID-764739",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-391501",
            "CSAFPID-440102",
            "CSAFPID-41516",
            "CSAFPID-41515",
            "CSAFPID-764237",
            "CSAFPID-45181",
            "CSAFPID-45186",
            "CSAFPID-45185",
            "CSAFPID-90018",
            "CSAFPID-94290",
            "CSAFPID-260394",
            "CSAFPID-764240",
            "CSAFPID-94292",
            "CSAFPID-218028",
            "CSAFPID-493443",
            "CSAFPID-90019",
            "CSAFPID-90016",
            "CSAFPID-93777",
            "CSAFPID-93772",
            "CSAFPID-345038",
            "CSAFPID-93629",
            "CSAFPID-45192",
            "CSAFPID-608630",
            "CSAFPID-40292",
            "CSAFPID-40291",
            "CSAFPID-345039",
            "CSAFPID-93628",
            "CSAFPID-764780",
            "CSAFPID-764781",
            "CSAFPID-93775",
            "CSAFPID-93774",
            "CSAFPID-764782",
            "CSAFPID-1261",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-204563",
            "CSAFPID-8984",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2022-36760"
    },
    {
      "cve": "CVE-2023-2953",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1673391",
          "CSAFPID-1673392",
          "CSAFPID-1673393",
          "CSAFPID-1673394",
          "CSAFPID-1673395",
          "CSAFPID-1673396",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-2953",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2953.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1673391",
            "CSAFPID-1673392",
            "CSAFPID-1673393",
            "CSAFPID-1673394",
            "CSAFPID-1673395",
            "CSAFPID-1673396",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2023-2953"
    },
    {
      "cve": "CVE-2023-3635",
      "cwe": {
        "id": "CWE-195",
        "name": "Signed to Unsigned Conversion Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Signed to Unsigned Conversion Error",
          "title": "CWE-195"
        },
        {
          "category": "other",
          "text": "Uncaught Exception",
          "title": "CWE-248"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-94291",
          "CSAFPID-40293",
          "CSAFPID-204622",
          "CSAFPID-1265",
          "CSAFPID-1261",
          "CSAFPID-1266",
          "CSAFPID-8984",
          "CSAFPID-1673399",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912077",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-219909",
          "CSAFPID-220558",
          "CSAFPID-221118",
          "CSAFPID-224790",
          "CSAFPID-240600",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611401",
          "CSAFPID-611406",
          "CSAFPID-611407",
          "CSAFPID-611408",
          "CSAFPID-611413",
          "CSAFPID-611595",
          "CSAFPID-204510",
          "CSAFPID-204563",
          "CSAFPID-204569",
          "CSAFPID-219803",
          "CSAFPID-219838",
          "CSAFPID-224793",
          "CSAFPID-342793",
          "CSAFPID-342803",
          "CSAFPID-614513",
          "CSAFPID-614514",
          "CSAFPID-614515",
          "CSAFPID-614516",
          "CSAFPID-614517",
          "CSAFPID-618156",
          "CSAFPID-643776",
          "CSAFPID-764237",
          "CSAFPID-764238",
          "CSAFPID-764239",
          "CSAFPID-764240",
          "CSAFPID-764241",
          "CSAFPID-764242",
          "CSAFPID-764243",
          "CSAFPID-764247",
          "CSAFPID-764248",
          "CSAFPID-764249",
          "CSAFPID-816346",
          "CSAFPID-816347",
          "CSAFPID-816348",
          "CSAFPID-816349",
          "CSAFPID-816350",
          "CSAFPID-816351",
          "CSAFPID-816352",
          "CSAFPID-816353",
          "CSAFPID-816354",
          "CSAFPID-816355",
          "CSAFPID-816357",
          "CSAFPID-816358",
          "CSAFPID-816359",
          "CSAFPID-816765",
          "CSAFPID-816766",
          "CSAFPID-816767",
          "CSAFPID-816768",
          "CSAFPID-816769",
          "CSAFPID-816770",
          "CSAFPID-816771",
          "CSAFPID-816772",
          "CSAFPID-816773",
          "CSAFPID-816774",
          "CSAFPID-816775",
          "CSAFPID-816776",
          "CSAFPID-816777",
          "CSAFPID-816778",
          "CSAFPID-816779",
          "CSAFPID-816780",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-816783",
          "CSAFPID-816784",
          "CSAFPID-816785",
          "CSAFPID-816786",
          "CSAFPID-816787",
          "CSAFPID-816788",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-816791",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-816794",
          "CSAFPID-816795",
          "CSAFPID-816796",
          "CSAFPID-816797",
          "CSAFPID-764735",
          "CSAFPID-764738",
          "CSAFPID-912073",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-224795",
          "CSAFPID-912102",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-3635",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-3635.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-94291",
            "CSAFPID-40293",
            "CSAFPID-204622",
            "CSAFPID-1265",
            "CSAFPID-1261",
            "CSAFPID-1266",
            "CSAFPID-8984",
            "CSAFPID-1673399",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912077",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-219909",
            "CSAFPID-220558",
            "CSAFPID-221118",
            "CSAFPID-224790",
            "CSAFPID-240600",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611401",
            "CSAFPID-611406",
            "CSAFPID-611407",
            "CSAFPID-611408",
            "CSAFPID-611413",
            "CSAFPID-611595",
            "CSAFPID-204510",
            "CSAFPID-204563",
            "CSAFPID-204569",
            "CSAFPID-219803",
            "CSAFPID-219838",
            "CSAFPID-224793",
            "CSAFPID-342793",
            "CSAFPID-342803",
            "CSAFPID-614513",
            "CSAFPID-614514",
            "CSAFPID-614515",
            "CSAFPID-614516",
            "CSAFPID-614517",
            "CSAFPID-618156",
            "CSAFPID-643776",
            "CSAFPID-764237",
            "CSAFPID-764238",
            "CSAFPID-764239",
            "CSAFPID-764240",
            "CSAFPID-764241",
            "CSAFPID-764242",
            "CSAFPID-764243",
            "CSAFPID-764247",
            "CSAFPID-764248",
            "CSAFPID-764249",
            "CSAFPID-816346",
            "CSAFPID-816347",
            "CSAFPID-816348",
            "CSAFPID-816349",
            "CSAFPID-816350",
            "CSAFPID-816351",
            "CSAFPID-816352",
            "CSAFPID-816353",
            "CSAFPID-816354",
            "CSAFPID-816355",
            "CSAFPID-816357",
            "CSAFPID-816358",
            "CSAFPID-816359",
            "CSAFPID-816765",
            "CSAFPID-816766",
            "CSAFPID-816767",
            "CSAFPID-816768",
            "CSAFPID-816769",
            "CSAFPID-816770",
            "CSAFPID-816771",
            "CSAFPID-816772",
            "CSAFPID-816773",
            "CSAFPID-816774",
            "CSAFPID-816775",
            "CSAFPID-816776",
            "CSAFPID-816777",
            "CSAFPID-816778",
            "CSAFPID-816779",
            "CSAFPID-816780",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-816783",
            "CSAFPID-816784",
            "CSAFPID-816785",
            "CSAFPID-816786",
            "CSAFPID-816787",
            "CSAFPID-816788",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-816791",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-816794",
            "CSAFPID-816795",
            "CSAFPID-816796",
            "CSAFPID-816797",
            "CSAFPID-764735",
            "CSAFPID-764738",
            "CSAFPID-912073",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-224795",
            "CSAFPID-912102",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242"
          ]
        }
      ],
      "title": "CVE-2023-3635"
    },
    {
      "cve": "CVE-2023-4043",
      "cwe": {
        "id": "CWE-834",
        "name": "Excessive Iteration"
      },
      "notes": [
        {
          "category": "other",
          "text": "Excessive Iteration",
          "title": "CWE-834"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816765",
          "CSAFPID-816766",
          "CSAFPID-816767",
          "CSAFPID-816768",
          "CSAFPID-816769",
          "CSAFPID-816770",
          "CSAFPID-816771",
          "CSAFPID-816772",
          "CSAFPID-219838",
          "CSAFPID-611387",
          "CSAFPID-816773",
          "CSAFPID-816774",
          "CSAFPID-816775",
          "CSAFPID-816346",
          "CSAFPID-816776",
          "CSAFPID-816348",
          "CSAFPID-816777",
          "CSAFPID-816347",
          "CSAFPID-94291",
          "CSAFPID-816778",
          "CSAFPID-614517",
          "CSAFPID-816779",
          "CSAFPID-816349",
          "CSAFPID-40293",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816780",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-816783",
          "CSAFPID-816784",
          "CSAFPID-816785",
          "CSAFPID-816353",
          "CSAFPID-816786",
          "CSAFPID-816787",
          "CSAFPID-816788",
          "CSAFPID-816352",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-342804",
          "CSAFPID-816791",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-224793",
          "CSAFPID-816794",
          "CSAFPID-342793",
          "CSAFPID-1265",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912077",
          "CSAFPID-912545",
          "CSAFPID-764240",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-224795",
          "CSAFPID-912548",
          "CSAFPID-912102",
          "CSAFPID-912549",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-219776",
          "CSAFPID-765242",
          "CSAFPID-1266",
          "CSAFPID-8984",
          "CSAFPID-204510",
          "CSAFPID-204563",
          "CSAFPID-204569",
          "CSAFPID-219803",
          "CSAFPID-219909",
          "CSAFPID-221118",
          "CSAFPID-224790",
          "CSAFPID-240600",
          "CSAFPID-342803",
          "CSAFPID-611595",
          "CSAFPID-764738",
          "CSAFPID-816351",
          "CSAFPID-816354",
          "CSAFPID-816355",
          "CSAFPID-816357",
          "CSAFPID-816358",
          "CSAFPID-816359",
          "CSAFPID-816795",
          "CSAFPID-816796",
          "CSAFPID-816797",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-219826",
          "CSAFPID-764739",
          "CSAFPID-912073",
          "CSAFPID-912558"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4043",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816765",
            "CSAFPID-816766",
            "CSAFPID-816767",
            "CSAFPID-816768",
            "CSAFPID-816769",
            "CSAFPID-816770",
            "CSAFPID-816771",
            "CSAFPID-816772",
            "CSAFPID-219838",
            "CSAFPID-611387",
            "CSAFPID-816773",
            "CSAFPID-816774",
            "CSAFPID-816775",
            "CSAFPID-816346",
            "CSAFPID-816776",
            "CSAFPID-816348",
            "CSAFPID-816777",
            "CSAFPID-816347",
            "CSAFPID-94291",
            "CSAFPID-816778",
            "CSAFPID-614517",
            "CSAFPID-816779",
            "CSAFPID-816349",
            "CSAFPID-40293",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816780",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-816783",
            "CSAFPID-816784",
            "CSAFPID-816785",
            "CSAFPID-816353",
            "CSAFPID-816786",
            "CSAFPID-816787",
            "CSAFPID-816788",
            "CSAFPID-816352",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-342804",
            "CSAFPID-816791",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-224793",
            "CSAFPID-816794",
            "CSAFPID-342793",
            "CSAFPID-1265",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-204622",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912077",
            "CSAFPID-912545",
            "CSAFPID-764240",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-224795",
            "CSAFPID-912548",
            "CSAFPID-912102",
            "CSAFPID-912549",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-219776",
            "CSAFPID-765242",
            "CSAFPID-1266",
            "CSAFPID-8984",
            "CSAFPID-204510",
            "CSAFPID-204563",
            "CSAFPID-204569",
            "CSAFPID-219803",
            "CSAFPID-219909",
            "CSAFPID-221118",
            "CSAFPID-224790",
            "CSAFPID-240600",
            "CSAFPID-342803",
            "CSAFPID-611595",
            "CSAFPID-764738",
            "CSAFPID-816351",
            "CSAFPID-816354",
            "CSAFPID-816355",
            "CSAFPID-816357",
            "CSAFPID-816358",
            "CSAFPID-816359",
            "CSAFPID-816795",
            "CSAFPID-816796",
            "CSAFPID-816797",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-219826",
            "CSAFPID-764739",
            "CSAFPID-912073",
            "CSAFPID-912558"
          ]
        }
      ],
      "title": "CVE-2023-4043"
    },
    {
      "cve": "CVE-2023-5685",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-1650751",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-5685",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5685.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-1650751",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2023-5685"
    },
    {
      "cve": "CVE-2023-6597",
      "cwe": {
        "id": "CWE-61",
        "name": "UNIX Symbolic Link (Symlink) Following"
      },
      "notes": [
        {
          "category": "other",
          "text": "UNIX Symbolic Link (Symlink) Following",
          "title": "CWE-61"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1673396",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6597",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6597.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1673396",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2023-6597"
    },
    {
      "cve": "CVE-2023-6816",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
          "title": "CWE-119"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-6816",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6816.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2023-6816"
    },
    {
      "cve": "CVE-2023-38408",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "title": "CWE-94"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-45182",
          "CSAFPID-40293",
          "CSAFPID-611406",
          "CSAFPID-764237",
          "CSAFPID-220558",
          "CSAFPID-764238",
          "CSAFPID-764239",
          "CSAFPID-614513",
          "CSAFPID-643776",
          "CSAFPID-611387",
          "CSAFPID-618156",
          "CSAFPID-614516",
          "CSAFPID-614515",
          "CSAFPID-614514",
          "CSAFPID-764240",
          "CSAFPID-94291",
          "CSAFPID-611401",
          "CSAFPID-614517",
          "CSAFPID-764241",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-764243",
          "CSAFPID-342804",
          "CSAFPID-611408",
          "CSAFPID-611407",
          "CSAFPID-764247",
          "CSAFPID-764248",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-611595",
          "CSAFPID-764249",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-240600",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-38408",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-38408.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-45182",
            "CSAFPID-40293",
            "CSAFPID-611406",
            "CSAFPID-764237",
            "CSAFPID-220558",
            "CSAFPID-764238",
            "CSAFPID-764239",
            "CSAFPID-614513",
            "CSAFPID-643776",
            "CSAFPID-611387",
            "CSAFPID-618156",
            "CSAFPID-614516",
            "CSAFPID-614515",
            "CSAFPID-614514",
            "CSAFPID-764240",
            "CSAFPID-94291",
            "CSAFPID-611401",
            "CSAFPID-614517",
            "CSAFPID-764241",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-764243",
            "CSAFPID-342804",
            "CSAFPID-611408",
            "CSAFPID-611407",
            "CSAFPID-764247",
            "CSAFPID-764248",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-611595",
            "CSAFPID-764249",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-240600",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2023-38408"
    },
    {
      "cve": "CVE-2023-43642",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-40293",
          "CSAFPID-1265",
          "CSAFPID-1261",
          "CSAFPID-1266",
          "CSAFPID-8984",
          "CSAFPID-1673395",
          "CSAFPID-94291",
          "CSAFPID-204510",
          "CSAFPID-204563",
          "CSAFPID-204569",
          "CSAFPID-204622",
          "CSAFPID-219803",
          "CSAFPID-219838",
          "CSAFPID-219909",
          "CSAFPID-221118",
          "CSAFPID-224790",
          "CSAFPID-224793",
          "CSAFPID-240600",
          "CSAFPID-342793",
          "CSAFPID-342803",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611413",
          "CSAFPID-611595",
          "CSAFPID-614517",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764738",
          "CSAFPID-816346",
          "CSAFPID-816347",
          "CSAFPID-816348",
          "CSAFPID-816349",
          "CSAFPID-816350",
          "CSAFPID-816351",
          "CSAFPID-816352",
          "CSAFPID-816353",
          "CSAFPID-816354",
          "CSAFPID-816355",
          "CSAFPID-816357",
          "CSAFPID-816358",
          "CSAFPID-816359",
          "CSAFPID-816765",
          "CSAFPID-816766",
          "CSAFPID-816767",
          "CSAFPID-816768",
          "CSAFPID-816769",
          "CSAFPID-816770",
          "CSAFPID-816771",
          "CSAFPID-816772",
          "CSAFPID-816773",
          "CSAFPID-816774",
          "CSAFPID-816775",
          "CSAFPID-816776",
          "CSAFPID-816777",
          "CSAFPID-816778",
          "CSAFPID-816779",
          "CSAFPID-816780",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-816783",
          "CSAFPID-816784",
          "CSAFPID-816785",
          "CSAFPID-816786",
          "CSAFPID-816787",
          "CSAFPID-816788",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-816791",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-816794",
          "CSAFPID-816795",
          "CSAFPID-816796",
          "CSAFPID-816797"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-43642",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-43642.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-40293",
            "CSAFPID-1265",
            "CSAFPID-1261",
            "CSAFPID-1266",
            "CSAFPID-8984",
            "CSAFPID-1673395",
            "CSAFPID-94291",
            "CSAFPID-204510",
            "CSAFPID-204563",
            "CSAFPID-204569",
            "CSAFPID-204622",
            "CSAFPID-219803",
            "CSAFPID-219838",
            "CSAFPID-219909",
            "CSAFPID-221118",
            "CSAFPID-224790",
            "CSAFPID-224793",
            "CSAFPID-240600",
            "CSAFPID-342793",
            "CSAFPID-342803",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611413",
            "CSAFPID-611595",
            "CSAFPID-614517",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764738",
            "CSAFPID-816346",
            "CSAFPID-816347",
            "CSAFPID-816348",
            "CSAFPID-816349",
            "CSAFPID-816350",
            "CSAFPID-816351",
            "CSAFPID-816352",
            "CSAFPID-816353",
            "CSAFPID-816354",
            "CSAFPID-816355",
            "CSAFPID-816357",
            "CSAFPID-816358",
            "CSAFPID-816359",
            "CSAFPID-816765",
            "CSAFPID-816766",
            "CSAFPID-816767",
            "CSAFPID-816768",
            "CSAFPID-816769",
            "CSAFPID-816770",
            "CSAFPID-816771",
            "CSAFPID-816772",
            "CSAFPID-816773",
            "CSAFPID-816774",
            "CSAFPID-816775",
            "CSAFPID-816776",
            "CSAFPID-816777",
            "CSAFPID-816778",
            "CSAFPID-816779",
            "CSAFPID-816780",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-816783",
            "CSAFPID-816784",
            "CSAFPID-816785",
            "CSAFPID-816786",
            "CSAFPID-816787",
            "CSAFPID-816788",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-816791",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-816794",
            "CSAFPID-816795",
            "CSAFPID-816796",
            "CSAFPID-816797"
          ]
        }
      ],
      "title": "CVE-2023-43642"
    },
    {
      "cve": "CVE-2023-46136",
      "cwe": {
        "id": "CWE-407",
        "name": "Inefficient Algorithmic Complexity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inefficient Algorithmic Complexity",
          "title": "CWE-407"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673411",
          "CSAFPID-912549",
          "CSAFPID-1673412",
          "CSAFPID-1673413",
          "CSAFPID-1673414",
          "CSAFPID-1673396",
          "CSAFPID-1503590",
          "CSAFPID-1673393",
          "CSAFPID-1673395",
          "CSAFPID-220132",
          "CSAFPID-1503585",
          "CSAFPID-1673392",
          "CSAFPID-1503589",
          "CSAFPID-1673415",
          "CSAFPID-1673416",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46136",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46136.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673411",
            "CSAFPID-912549",
            "CSAFPID-1673412",
            "CSAFPID-1673413",
            "CSAFPID-1673414",
            "CSAFPID-1673396",
            "CSAFPID-1503590",
            "CSAFPID-1673393",
            "CSAFPID-1673395",
            "CSAFPID-220132",
            "CSAFPID-1503585",
            "CSAFPID-1673392",
            "CSAFPID-1503589",
            "CSAFPID-1673415",
            "CSAFPID-1673416",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2023-46136"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "other",
          "text": "Truncation of Security-relevant Information",
          "title": "CWE-222"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-816765",
          "CSAFPID-816766",
          "CSAFPID-816767",
          "CSAFPID-816768",
          "CSAFPID-816769",
          "CSAFPID-816770",
          "CSAFPID-816771",
          "CSAFPID-816772",
          "CSAFPID-219838",
          "CSAFPID-611387",
          "CSAFPID-816773",
          "CSAFPID-816774",
          "CSAFPID-816775",
          "CSAFPID-816346",
          "CSAFPID-816776",
          "CSAFPID-816348",
          "CSAFPID-816777",
          "CSAFPID-816347",
          "CSAFPID-94291",
          "CSAFPID-816778",
          "CSAFPID-614517",
          "CSAFPID-816779",
          "CSAFPID-816349",
          "CSAFPID-40293",
          "CSAFPID-764242",
          "CSAFPID-816780",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-816783",
          "CSAFPID-816784",
          "CSAFPID-816785",
          "CSAFPID-816353",
          "CSAFPID-816786",
          "CSAFPID-816352",
          "CSAFPID-342804",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-224793",
          "CSAFPID-342793",
          "CSAFPID-1265",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-219803",
          "CSAFPID-816351",
          "CSAFPID-611595",
          "CSAFPID-342803",
          "CSAFPID-1266",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-1673417",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-912076",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-90016",
          "CSAFPID-764826",
          "CSAFPID-345038",
          "CSAFPID-912079",
          "CSAFPID-220132",
          "CSAFPID-93781",
          "CSAFPID-345039",
          "CSAFPID-912080",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-764240",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-224795",
          "CSAFPID-912548",
          "CSAFPID-611413",
          "CSAFPID-240600",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-816357",
          "CSAFPID-816358",
          "CSAFPID-816359",
          "CSAFPID-816787",
          "CSAFPID-816788",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-816791",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-816794",
          "CSAFPID-816795",
          "CSAFPID-816796",
          "CSAFPID-816797",
          "CSAFPID-8984",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-764739",
          "CSAFPID-765242",
          "CSAFPID-912073",
          "CSAFPID-912102",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-1503601",
          "CSAFPID-1503602"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-48795",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-816765",
            "CSAFPID-816766",
            "CSAFPID-816767",
            "CSAFPID-816768",
            "CSAFPID-816769",
            "CSAFPID-816770",
            "CSAFPID-816771",
            "CSAFPID-816772",
            "CSAFPID-219838",
            "CSAFPID-611387",
            "CSAFPID-816773",
            "CSAFPID-816774",
            "CSAFPID-816775",
            "CSAFPID-816346",
            "CSAFPID-816776",
            "CSAFPID-816348",
            "CSAFPID-816777",
            "CSAFPID-816347",
            "CSAFPID-94291",
            "CSAFPID-816778",
            "CSAFPID-614517",
            "CSAFPID-816779",
            "CSAFPID-816349",
            "CSAFPID-40293",
            "CSAFPID-764242",
            "CSAFPID-816780",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-816783",
            "CSAFPID-816784",
            "CSAFPID-816785",
            "CSAFPID-816353",
            "CSAFPID-816786",
            "CSAFPID-816352",
            "CSAFPID-342804",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-224793",
            "CSAFPID-342793",
            "CSAFPID-1265",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-219803",
            "CSAFPID-816351",
            "CSAFPID-611595",
            "CSAFPID-342803",
            "CSAFPID-1266",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-1673417",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-912076",
            "CSAFPID-912077",
            "CSAFPID-912078",
            "CSAFPID-90016",
            "CSAFPID-764826",
            "CSAFPID-345038",
            "CSAFPID-912079",
            "CSAFPID-220132",
            "CSAFPID-93781",
            "CSAFPID-345039",
            "CSAFPID-912080",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-764240",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-224795",
            "CSAFPID-912548",
            "CSAFPID-611413",
            "CSAFPID-240600",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-816357",
            "CSAFPID-816358",
            "CSAFPID-816359",
            "CSAFPID-816787",
            "CSAFPID-816788",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-816791",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-816794",
            "CSAFPID-816795",
            "CSAFPID-816796",
            "CSAFPID-816797",
            "CSAFPID-8984",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-764739",
            "CSAFPID-765242",
            "CSAFPID-912073",
            "CSAFPID-912102",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-1503601",
            "CSAFPID-1503602"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-51775",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650751",
          "CSAFPID-1673395",
          "CSAFPID-1673396",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-224795",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611413",
          "CSAFPID-614517",
          "CSAFPID-764237",
          "CSAFPID-764240",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242",
          "CSAFPID-816348",
          "CSAFPID-816773",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912068",
          "CSAFPID-912073",
          "CSAFPID-912076",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51775",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51775.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650751",
            "CSAFPID-1673395",
            "CSAFPID-1673396",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-224795",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611413",
            "CSAFPID-614517",
            "CSAFPID-764237",
            "CSAFPID-764240",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242",
            "CSAFPID-816348",
            "CSAFPID-816773",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912068",
            "CSAFPID-912073",
            "CSAFPID-912076",
            "CSAFPID-912077",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2023-51775"
    },
    {
      "cve": "CVE-2023-52428",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-912539",
          "CSAFPID-816773",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-224795",
          "CSAFPID-342804",
          "CSAFPID-611413",
          "CSAFPID-614517",
          "CSAFPID-764240",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912073",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912102",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52428",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-912539",
            "CSAFPID-816773",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-224795",
            "CSAFPID-342804",
            "CSAFPID-611413",
            "CSAFPID-614517",
            "CSAFPID-764240",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912073",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912102",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2023-52428"
    },
    {
      "cve": "CVE-2024-0450",
      "cwe": {
        "id": "CWE-450",
        "name": "Multiple Interpretations of UI Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Multiple Interpretations of UI Input",
          "title": "CWE-450"
        },
        {
          "category": "other",
          "text": "Asymmetric Resource Consumption (Amplification)",
          "title": "CWE-405"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-0450",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-0450"
    },
    {
      "cve": "CVE-2024-2398",
      "cwe": {
        "id": "CWE-772",
        "name": "Missing Release of Resource after Effective Lifetime"
      },
      "notes": [
        {
          "category": "other",
          "text": "Missing Release of Resource after Effective Lifetime",
          "title": "CWE-772"
        },
        {
          "category": "other",
          "text": "Missing Release of Memory after Effective Lifetime",
          "title": "CWE-401"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1673399",
          "CSAFPID-1673391",
          "CSAFPID-1673394",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2398",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2398.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1673399",
            "CSAFPID-1673391",
            "CSAFPID-1673394",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-2398"
    },
    {
      "cve": "CVE-2024-4577",
      "cwe": {
        "id": "CWE-88",
        "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
          "title": "CWE-88"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650731",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4577",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650731",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-4577"
    },
    {
      "cve": "CVE-2024-4603",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unchecked Input for Loop Condition",
          "title": "CWE-606"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673391",
          "CSAFPID-1673394",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-4603",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673391",
            "CSAFPID-1673394",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-4603"
    },
    {
      "cve": "CVE-2024-5585",
      "cwe": {
        "id": "CWE-116",
        "name": "Improper Encoding or Escaping of Output"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Encoding or Escaping of Output",
          "title": "CWE-116"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
          "title": "CWE-78"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
          "title": "CWE-88"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650731",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5585",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650731",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628"
          ]
        }
      ],
      "title": "CVE-2024-5585"
    },
    {
      "cve": "CVE-2024-5971",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1673399",
          "CSAFPID-1673526",
          "CSAFPID-1673413",
          "CSAFPID-1673396",
          "CSAFPID-1673415",
          "CSAFPID-1673501",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5971",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5971.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1673399",
            "CSAFPID-1673526",
            "CSAFPID-1673413",
            "CSAFPID-1673396",
            "CSAFPID-1673415",
            "CSAFPID-1673501",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-5971"
    },
    {
      "cve": "CVE-2024-6162",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-1650751",
          "CSAFPID-1673526",
          "CSAFPID-1673399",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6162",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-1650751",
            "CSAFPID-1673526",
            "CSAFPID-1673399",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-6162"
    },
    {
      "cve": "CVE-2024-6387",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        },
        {
          "category": "other",
          "text": "Signal Handler Race Condition",
          "title": "CWE-364"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1503595",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6387",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6387.json"
        }
      ],
      "title": "CVE-2024-6387"
    },
    {
      "cve": "CVE-2024-7254",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673391",
          "CSAFPID-1673394",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7254",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json"
        }
      ],
      "title": "CVE-2024-7254"
    },
    {
      "cve": "CVE-2024-7264",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673530",
          "CSAFPID-1673382",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-7264",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673530",
            "CSAFPID-1673382",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628"
          ]
        }
      ],
      "title": "CVE-2024-7264"
    },
    {
      "cve": "CVE-2024-22020",
      "product_status": {
        "known_affected": [
          "CSAFPID-912101",
          "CSAFPID-1673473",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22020",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912101",
            "CSAFPID-1673473",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-22020"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673475",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-912068",
          "CSAFPID-912073",
          "CSAFPID-912076",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-219776",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-224795",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611413",
          "CSAFPID-614517",
          "CSAFPID-764237",
          "CSAFPID-764240",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242",
          "CSAFPID-816348",
          "CSAFPID-816773",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673475",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-912068",
            "CSAFPID-912073",
            "CSAFPID-912076",
            "CSAFPID-912077",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-219776",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-224795",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611413",
            "CSAFPID-614517",
            "CSAFPID-764237",
            "CSAFPID-764240",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242",
            "CSAFPID-816348",
            "CSAFPID-816773",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22257",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-764237",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-816773",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-764240",
          "CSAFPID-614517",
          "CSAFPID-224795",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-342804",
          "CSAFPID-912080",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-219776",
          "CSAFPID-765242",
          "CSAFPID-764739",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-912073",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22257",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22257.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-764237",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-816773",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-764240",
            "CSAFPID-614517",
            "CSAFPID-224795",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-342804",
            "CSAFPID-912080",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-219776",
            "CSAFPID-765242",
            "CSAFPID-764739",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-912073",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-22257"
    },
    {
      "cve": "CVE-2024-22262",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-1650820",
          "CSAFPID-1650751",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22262",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-1650820",
            "CSAFPID-1650751",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete Cleanup",
          "title": "CWE-459"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650826",
          "CSAFPID-1650731",
          "CSAFPID-1673382",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-912539",
          "CSAFPID-816773",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-912545",
          "CSAFPID-764240",
          "CSAFPID-912546",
          "CSAFPID-614517",
          "CSAFPID-912547",
          "CSAFPID-224795",
          "CSAFPID-912548",
          "CSAFPID-912102",
          "CSAFPID-912549",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912553",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-342804",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-765242",
          "CSAFPID-912073",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23672",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650826",
            "CSAFPID-1650731",
            "CSAFPID-1673382",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-912539",
            "CSAFPID-816773",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-912545",
            "CSAFPID-764240",
            "CSAFPID-912546",
            "CSAFPID-614517",
            "CSAFPID-912547",
            "CSAFPID-224795",
            "CSAFPID-912548",
            "CSAFPID-912102",
            "CSAFPID-912549",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912553",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-342804",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-765242",
            "CSAFPID-912073",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-23807",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650734",
          "CSAFPID-1650830",
          "CSAFPID-1650777",
          "CSAFPID-204622",
          "CSAFPID-219909",
          "CSAFPID-1650778",
          "CSAFPID-41182",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23807",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650734",
            "CSAFPID-1650830",
            "CSAFPID-1650777",
            "CSAFPID-204622",
            "CSAFPID-219909",
            "CSAFPID-1650778",
            "CSAFPID-41182",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650826",
          "CSAFPID-1673382",
          "CSAFPID-1650731",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-816773",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-764240",
          "CSAFPID-614517",
          "CSAFPID-224795",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-93781",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-342804",
          "CSAFPID-912080",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-219776",
          "CSAFPID-765242",
          "CSAFPID-764739",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219826",
          "CSAFPID-912073",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650826",
            "CSAFPID-1673382",
            "CSAFPID-1650731",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-816773",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-764240",
            "CSAFPID-614517",
            "CSAFPID-224795",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-93781",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-342804",
            "CSAFPID-912080",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-219776",
            "CSAFPID-765242",
            "CSAFPID-764739",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219826",
            "CSAFPID-912073",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-25062",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650751",
          "CSAFPID-1650752",
          "CSAFPID-1673481",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-912068",
          "CSAFPID-912076",
          "CSAFPID-611387",
          "CSAFPID-912539",
          "CSAFPID-816773",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912101",
          "CSAFPID-912544",
          "CSAFPID-912077",
          "CSAFPID-816348",
          "CSAFPID-912545",
          "CSAFPID-764240",
          "CSAFPID-912546",
          "CSAFPID-614517",
          "CSAFPID-912547",
          "CSAFPID-224795",
          "CSAFPID-912548",
          "CSAFPID-912102",
          "CSAFPID-912549",
          "CSAFPID-764826",
          "CSAFPID-90016",
          "CSAFPID-912078",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-611413",
          "CSAFPID-764242",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912553",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-342804",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-765242",
          "CSAFPID-912073",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25062",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650751",
            "CSAFPID-1650752",
            "CSAFPID-1673481",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-912068",
            "CSAFPID-912076",
            "CSAFPID-611387",
            "CSAFPID-912539",
            "CSAFPID-816773",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912101",
            "CSAFPID-912544",
            "CSAFPID-912077",
            "CSAFPID-816348",
            "CSAFPID-912545",
            "CSAFPID-764240",
            "CSAFPID-912546",
            "CSAFPID-614517",
            "CSAFPID-912547",
            "CSAFPID-224795",
            "CSAFPID-912548",
            "CSAFPID-912102",
            "CSAFPID-912549",
            "CSAFPID-764826",
            "CSAFPID-90016",
            "CSAFPID-912078",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-611413",
            "CSAFPID-764242",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912553",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-342804",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-765242",
            "CSAFPID-912073",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-25638",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insufficient Verification of Data Authenticity",
          "title": "CWE-345"
        },
        {
          "category": "other",
          "text": "Acceptance of Extraneous Untrusted Data With Trusted Data",
          "title": "CWE-349"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25638",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25638.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.9,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-25638"
    },
    {
      "cve": "CVE-2024-26308",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-1670429",
          "CSAFPID-1670430",
          "CSAFPID-1670431",
          "CSAFPID-1670432",
          "CSAFPID-1670433",
          "CSAFPID-1670434",
          "CSAFPID-1670435",
          "CSAFPID-1670436",
          "CSAFPID-1670437",
          "CSAFPID-1670438",
          "CSAFPID-1670439",
          "CSAFPID-1670440",
          "CSAFPID-1670441",
          "CSAFPID-1670442",
          "CSAFPID-90016",
          "CSAFPID-93781",
          "CSAFPID-204510",
          "CSAFPID-204569",
          "CSAFPID-219776",
          "CSAFPID-219826",
          "CSAFPID-220132",
          "CSAFPID-224795",
          "CSAFPID-342804",
          "CSAFPID-611387",
          "CSAFPID-611413",
          "CSAFPID-614517",
          "CSAFPID-764237",
          "CSAFPID-764240",
          "CSAFPID-764242",
          "CSAFPID-764247",
          "CSAFPID-764735",
          "CSAFPID-764739",
          "CSAFPID-764826",
          "CSAFPID-765242",
          "CSAFPID-816348",
          "CSAFPID-816773",
          "CSAFPID-816781",
          "CSAFPID-816782",
          "CSAFPID-912068",
          "CSAFPID-912073",
          "CSAFPID-912076",
          "CSAFPID-912077",
          "CSAFPID-912078",
          "CSAFPID-912079",
          "CSAFPID-912080",
          "CSAFPID-912085",
          "CSAFPID-912101",
          "CSAFPID-912102",
          "CSAFPID-912539",
          "CSAFPID-912540",
          "CSAFPID-912541",
          "CSAFPID-912542",
          "CSAFPID-912543",
          "CSAFPID-912544",
          "CSAFPID-912545",
          "CSAFPID-912546",
          "CSAFPID-912547",
          "CSAFPID-912548",
          "CSAFPID-912549",
          "CSAFPID-912550",
          "CSAFPID-912551",
          "CSAFPID-912552",
          "CSAFPID-912553",
          "CSAFPID-912554",
          "CSAFPID-912556",
          "CSAFPID-912557",
          "CSAFPID-912558",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-1503582",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26308",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-1670429",
            "CSAFPID-1670430",
            "CSAFPID-1670431",
            "CSAFPID-1670432",
            "CSAFPID-1670433",
            "CSAFPID-1670434",
            "CSAFPID-1670435",
            "CSAFPID-1670436",
            "CSAFPID-1670437",
            "CSAFPID-1670438",
            "CSAFPID-1670439",
            "CSAFPID-1670440",
            "CSAFPID-1670441",
            "CSAFPID-1670442",
            "CSAFPID-90016",
            "CSAFPID-93781",
            "CSAFPID-204510",
            "CSAFPID-204569",
            "CSAFPID-219776",
            "CSAFPID-219826",
            "CSAFPID-220132",
            "CSAFPID-224795",
            "CSAFPID-342804",
            "CSAFPID-611387",
            "CSAFPID-611413",
            "CSAFPID-614517",
            "CSAFPID-764237",
            "CSAFPID-764240",
            "CSAFPID-764242",
            "CSAFPID-764247",
            "CSAFPID-764735",
            "CSAFPID-764739",
            "CSAFPID-764826",
            "CSAFPID-765242",
            "CSAFPID-816348",
            "CSAFPID-816773",
            "CSAFPID-816781",
            "CSAFPID-816782",
            "CSAFPID-912068",
            "CSAFPID-912073",
            "CSAFPID-912076",
            "CSAFPID-912077",
            "CSAFPID-912078",
            "CSAFPID-912079",
            "CSAFPID-912080",
            "CSAFPID-912085",
            "CSAFPID-912101",
            "CSAFPID-912102",
            "CSAFPID-912539",
            "CSAFPID-912540",
            "CSAFPID-912541",
            "CSAFPID-912542",
            "CSAFPID-912543",
            "CSAFPID-912544",
            "CSAFPID-912545",
            "CSAFPID-912546",
            "CSAFPID-912547",
            "CSAFPID-912548",
            "CSAFPID-912549",
            "CSAFPID-912550",
            "CSAFPID-912551",
            "CSAFPID-912552",
            "CSAFPID-912553",
            "CSAFPID-912554",
            "CSAFPID-912556",
            "CSAFPID-912557",
            "CSAFPID-912558",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-1503582",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600"
          ]
        }
      ],
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-28182",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Detection of Error Condition Without Action",
          "title": "CWE-390"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673414",
          "CSAFPID-1673396",
          "CSAFPID-1673485",
          "CSAFPID-1673393",
          "CSAFPID-1673394",
          "CSAFPID-1673389",
          "CSAFPID-1672767",
          "CSAFPID-1673391",
          "CSAFPID-1673392",
          "CSAFPID-1673415",
          "CSAFPID-1673390",
          "CSAFPID-1673413",
          "CSAFPID-1673395",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28182",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673414",
            "CSAFPID-1673396",
            "CSAFPID-1673485",
            "CSAFPID-1673393",
            "CSAFPID-1673394",
            "CSAFPID-1673389",
            "CSAFPID-1672767",
            "CSAFPID-1673391",
            "CSAFPID-1673392",
            "CSAFPID-1673415",
            "CSAFPID-1673390",
            "CSAFPID-1673413",
            "CSAFPID-1673395",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28849",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1673414",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28849",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1673414",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1635310",
          "CSAFPID-1635311",
          "CSAFPID-1635312",
          "CSAFPID-1635313",
          "CSAFPID-1635314",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635317",
          "CSAFPID-1635318",
          "CSAFPID-1635319",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1635322",
          "CSAFPID-1635323",
          "CSAFPID-1635324",
          "CSAFPID-1635325",
          "CSAFPID-1635326",
          "CSAFPID-1635327",
          "CSAFPID-1635328",
          "CSAFPID-1635329",
          "CSAFPID-1650752",
          "CSAFPID-1650751",
          "CSAFPID-1673494",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1674636",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1635310",
            "CSAFPID-1635311",
            "CSAFPID-1635312",
            "CSAFPID-1635313",
            "CSAFPID-1635314",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635317",
            "CSAFPID-1635318",
            "CSAFPID-1635319",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1635322",
            "CSAFPID-1635323",
            "CSAFPID-1635324",
            "CSAFPID-1635325",
            "CSAFPID-1635326",
            "CSAFPID-1635327",
            "CSAFPID-1635328",
            "CSAFPID-1635329",
            "CSAFPID-1650752",
            "CSAFPID-1650751",
            "CSAFPID-1673494",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1674636",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29133",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1650820",
          "CSAFPID-224790",
          "CSAFPID-221118",
          "CSAFPID-1673496",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29133",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1650820",
            "CSAFPID-224790",
            "CSAFPID-221118",
            "CSAFPID-1673496",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-29133"
    },
    {
      "cve": "CVE-2024-29736",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673399",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29736",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29736.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673399",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-29736"
    },
    {
      "cve": "CVE-2024-29857",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673413",
          "CSAFPID-1673415",
          "CSAFPID-1673501",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646",
          "CSAFPID-220055",
          "CSAFPID-1503577",
          "CSAFPID-764237",
          "CSAFPID-912085",
          "CSAFPID-1503578",
          "CSAFPID-1503579",
          "CSAFPID-1503580",
          "CSAFPID-912101",
          "CSAFPID-1503581",
          "CSAFPID-1503322",
          "CSAFPID-912069",
          "CSAFPID-764240",
          "CSAFPID-912547",
          "CSAFPID-1503582",
          "CSAFPID-912549",
          "CSAFPID-1503583",
          "CSAFPID-1503584",
          "CSAFPID-1503585",
          "CSAFPID-1503586",
          "CSAFPID-1503587",
          "CSAFPID-1503588",
          "CSAFPID-1503316",
          "CSAFPID-1503317",
          "CSAFPID-764242",
          "CSAFPID-1503589",
          "CSAFPID-1503590",
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1503591",
          "CSAFPID-816789",
          "CSAFPID-816790",
          "CSAFPID-1503592",
          "CSAFPID-1503593",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-342804",
          "CSAFPID-1503596",
          "CSAFPID-1503597",
          "CSAFPID-1503598",
          "CSAFPID-816792",
          "CSAFPID-764247",
          "CSAFPID-912556",
          "CSAFPID-764735",
          "CSAFPID-816793",
          "CSAFPID-1503599",
          "CSAFPID-1503600",
          "CSAFPID-342793",
          "CSAFPID-816350",
          "CSAFPID-1261",
          "CSAFPID-342803",
          "CSAFPID-816354",
          "CSAFPID-204563",
          "CSAFPID-764738",
          "CSAFPID-816355",
          "CSAFPID-1503601",
          "CSAFPID-1503602",
          "CSAFPID-240600",
          "CSAFPID-204510",
          "CSAFPID-204569"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29857",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673413",
            "CSAFPID-1673415",
            "CSAFPID-1673501",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646",
            "CSAFPID-220055",
            "CSAFPID-1503577",
            "CSAFPID-764237",
            "CSAFPID-912085",
            "CSAFPID-1503578",
            "CSAFPID-1503579",
            "CSAFPID-1503580",
            "CSAFPID-912101",
            "CSAFPID-1503581",
            "CSAFPID-1503322",
            "CSAFPID-912069",
            "CSAFPID-764240",
            "CSAFPID-912547",
            "CSAFPID-1503582",
            "CSAFPID-912549",
            "CSAFPID-1503583",
            "CSAFPID-1503584",
            "CSAFPID-1503585",
            "CSAFPID-1503586",
            "CSAFPID-1503587",
            "CSAFPID-1503588",
            "CSAFPID-1503316",
            "CSAFPID-1503317",
            "CSAFPID-764242",
            "CSAFPID-1503589",
            "CSAFPID-1503590",
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1503591",
            "CSAFPID-816789",
            "CSAFPID-816790",
            "CSAFPID-1503592",
            "CSAFPID-1503593",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-342804",
            "CSAFPID-1503596",
            "CSAFPID-1503597",
            "CSAFPID-1503598",
            "CSAFPID-816792",
            "CSAFPID-764247",
            "CSAFPID-912556",
            "CSAFPID-764735",
            "CSAFPID-816793",
            "CSAFPID-1503599",
            "CSAFPID-1503600",
            "CSAFPID-342793",
            "CSAFPID-816350",
            "CSAFPID-1261",
            "CSAFPID-342803",
            "CSAFPID-816354",
            "CSAFPID-204563",
            "CSAFPID-764738",
            "CSAFPID-816355",
            "CSAFPID-1503601",
            "CSAFPID-1503602",
            "CSAFPID-240600",
            "CSAFPID-204510",
            "CSAFPID-204569"
          ]
        }
      ],
      "title": "CVE-2024-29857"
    },
    {
      "cve": "CVE-2024-30251",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912079",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-30251",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30251.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912079",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-30251"
    },
    {
      "cve": "CVE-2024-31080",
      "cwe": {
        "id": "CWE-126",
        "name": "Buffer Over-read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Buffer Over-read",
          "title": "CWE-126"
        },
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-31080",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31080.json"
        }
      ],
      "title": "CVE-2024-31080"
    },
    {
      "cve": "CVE-2024-31744",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673392",
          "CSAFPID-1673393",
          "CSAFPID-1673396",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-31744",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31744.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673392",
            "CSAFPID-1673393",
            "CSAFPID-1673396",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-31744"
    },
    {
      "cve": "CVE-2024-32760",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-220132",
          "CSAFPID-912079",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-32760",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-220132",
            "CSAFPID-912079",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-32760"
    },
    {
      "cve": "CVE-2024-33602",
      "cwe": {
        "id": "CWE-466",
        "name": "Return of Pointer Value Outside of Expected Range"
      },
      "notes": [
        {
          "category": "other",
          "text": "Return of Pointer Value Outside of Expected Range",
          "title": "CWE-466"
        },
        {
          "category": "other",
          "text": "Improper Check or Handling of Exceptional Conditions",
          "title": "CWE-703"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1673396",
          "CSAFPID-1503594",
          "CSAFPID-1503595",
          "CSAFPID-1672762",
          "CSAFPID-1673395",
          "CSAFPID-1672764",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673494",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-33602",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-33602.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1673396",
            "CSAFPID-1503594",
            "CSAFPID-1503595",
            "CSAFPID-1672762",
            "CSAFPID-1673395",
            "CSAFPID-1672764",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1673494",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-33602"
    },
    {
      "cve": "CVE-2024-34750",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Exceptional Conditions",
          "title": "CWE-755"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673481",
          "CSAFPID-1503596",
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34750",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673481",
            "CSAFPID-1503596",
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-34750"
    },
    {
      "cve": "CVE-2024-37371",
      "cwe": {
        "id": "CWE-130",
        "name": "Improper Handling of Length Parameter Inconsistency"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Handling of Length Parameter Inconsistency",
          "title": "CWE-130"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-912549",
          "CSAFPID-1673413",
          "CSAFPID-1673414",
          "CSAFPID-1673396",
          "CSAFPID-1503590",
          "CSAFPID-1673393",
          "CSAFPID-1673395",
          "CSAFPID-1673399",
          "CSAFPID-1672767",
          "CSAFPID-1503585",
          "CSAFPID-1673392",
          "CSAFPID-1503589",
          "CSAFPID-1673415",
          "CSAFPID-1673389",
          "CSAFPID-1673390",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37371",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-912549",
            "CSAFPID-1673413",
            "CSAFPID-1673414",
            "CSAFPID-1673396",
            "CSAFPID-1503590",
            "CSAFPID-1673393",
            "CSAFPID-1673395",
            "CSAFPID-1673399",
            "CSAFPID-1672767",
            "CSAFPID-1503585",
            "CSAFPID-1673392",
            "CSAFPID-1503589",
            "CSAFPID-1673415",
            "CSAFPID-1673389",
            "CSAFPID-1673390",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-37371"
    },
    {
      "cve": "CVE-2024-37891",
      "cwe": {
        "id": "CWE-669",
        "name": "Incorrect Resource Transfer Between Spheres"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Resource Transfer Between Spheres",
          "title": "CWE-669"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673396",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37891",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673396",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38816",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673420",
          "CSAFPID-1673421",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38816",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673420",
            "CSAFPID-1673421",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-38816"
    },
    {
      "cve": "CVE-2024-39689",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insufficient Verification of Data Authenticity",
          "title": "CWE-345"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673396",
          "CSAFPID-1673392",
          "CSAFPID-1673393"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-39689",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39689.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673396",
            "CSAFPID-1673392",
            "CSAFPID-1673393"
          ]
        }
      ],
      "title": "CVE-2024-39689"
    },
    {
      "cve": "CVE-2024-40898",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673516",
          "CSAFPID-1673411",
          "CSAFPID-1673412",
          "CSAFPID-1650731",
          "CSAFPID-1673382",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-40898",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673516",
            "CSAFPID-1673411",
            "CSAFPID-1673412",
            "CSAFPID-1650731",
            "CSAFPID-1673382",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-40898"
    },
    {
      "cve": "CVE-2024-41817",
      "cwe": {
        "id": "CWE-427",
        "name": "Uncontrolled Search Path Element"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Search Path Element",
          "title": "CWE-427"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673382",
          "CSAFPID-1650731",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-1674625"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-41817",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41817.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673382",
            "CSAFPID-1650731",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-1674625"
          ]
        }
      ],
      "title": "CVE-2024-41817"
    },
    {
      "cve": "CVE-2024-43044",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "other",
          "text": "Improper Check for Unusual or Exceptional Conditions",
          "title": "CWE-754"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673395",
          "CSAFPID-1673411",
          "CSAFPID-1673412",
          "CSAFPID-1673413",
          "CSAFPID-1673396",
          "CSAFPID-1673392",
          "CSAFPID-1673494",
          "CSAFPID-1673393",
          "CSAFPID-1673415",
          "CSAFPID-1673416",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-43044",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43044.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673395",
            "CSAFPID-1673411",
            "CSAFPID-1673412",
            "CSAFPID-1673413",
            "CSAFPID-1673396",
            "CSAFPID-1673392",
            "CSAFPID-1673494",
            "CSAFPID-1673393",
            "CSAFPID-1673415",
            "CSAFPID-1673416",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-43044"
    },
    {
      "cve": "CVE-2024-45492",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1673382",
          "CSAFPID-1673399",
          "CSAFPID-1650731",
          "CSAFPID-1673517",
          "CSAFPID-1673396",
          "CSAFPID-1674617",
          "CSAFPID-1674618",
          "CSAFPID-1674619",
          "CSAFPID-1674620",
          "CSAFPID-1674621",
          "CSAFPID-1674622",
          "CSAFPID-1674623",
          "CSAFPID-1674624",
          "CSAFPID-1674625",
          "CSAFPID-1674626",
          "CSAFPID-1674627",
          "CSAFPID-1674628",
          "CSAFPID-1635305",
          "CSAFPID-1635306",
          "CSAFPID-1635307",
          "CSAFPID-1635308",
          "CSAFPID-1635309",
          "CSAFPID-1670434",
          "CSAFPID-1674629",
          "CSAFPID-1635315",
          "CSAFPID-1635316",
          "CSAFPID-1635318",
          "CSAFPID-1674630",
          "CSAFPID-1674631",
          "CSAFPID-1674632",
          "CSAFPID-1674633",
          "CSAFPID-1674634",
          "CSAFPID-1674635",
          "CSAFPID-1635323",
          "CSAFPID-1674636",
          "CSAFPID-1635324",
          "CSAFPID-1674637",
          "CSAFPID-1674638",
          "CSAFPID-1674639",
          "CSAFPID-1674640",
          "CSAFPID-1674641",
          "CSAFPID-1674642",
          "CSAFPID-1635320",
          "CSAFPID-1635321",
          "CSAFPID-1674643",
          "CSAFPID-1674644",
          "CSAFPID-1674645",
          "CSAFPID-1674646"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-45492",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1673382",
            "CSAFPID-1673399",
            "CSAFPID-1650731",
            "CSAFPID-1673517",
            "CSAFPID-1673396",
            "CSAFPID-1674617",
            "CSAFPID-1674618",
            "CSAFPID-1674619",
            "CSAFPID-1674620",
            "CSAFPID-1674621",
            "CSAFPID-1674622",
            "CSAFPID-1674623",
            "CSAFPID-1674624",
            "CSAFPID-1674625",
            "CSAFPID-1674626",
            "CSAFPID-1674627",
            "CSAFPID-1674628",
            "CSAFPID-1635305",
            "CSAFPID-1635306",
            "CSAFPID-1635307",
            "CSAFPID-1635308",
            "CSAFPID-1635309",
            "CSAFPID-1670434",
            "CSAFPID-1674629",
            "CSAFPID-1635315",
            "CSAFPID-1635316",
            "CSAFPID-1635318",
            "CSAFPID-1674630",
            "CSAFPID-1674631",
            "CSAFPID-1674632",
            "CSAFPID-1674633",
            "CSAFPID-1674634",
            "CSAFPID-1674635",
            "CSAFPID-1635323",
            "CSAFPID-1674636",
            "CSAFPID-1635324",
            "CSAFPID-1674637",
            "CSAFPID-1674638",
            "CSAFPID-1674639",
            "CSAFPID-1674640",
            "CSAFPID-1674641",
            "CSAFPID-1674642",
            "CSAFPID-1635320",
            "CSAFPID-1635321",
            "CSAFPID-1674643",
            "CSAFPID-1674644",
            "CSAFPID-1674645",
            "CSAFPID-1674646"
          ]
        }
      ],
      "title": "CVE-2024-45492"
    }
  ]
}

ncsc-2024-0294

Vulnerability from csaf_ncscnl

Published

2024-07-17 13:52

Modified

2024-07-17 13:52

Summary

Kwetsbaarheden verholpen in Oracle Communications

Notes

Feiten

Er zijn kwetsbaarheden verholpen in Oracle Communications.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: * Denial-of-Service (DoS) * Toegang tot gevoelige gegevens * Toegang tot systeemgegevens * Manipulatie van gegevens * (Remote) code execution (Gebruikersrechten)

Oplossingen

Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.

Kans

medium

Schade

high

CWE-681

Incorrect Conversion between Numeric Types

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-787

Out-of-bounds Write

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')

CWE-88

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

CWE-918

Server-Side Request Forgery (SSRF)

CWE-192

Integer Coercion Error

CWE-20

Improper Input Validation

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-222

Truncation of Security-relevant Information

CWE-284

Improper Access Control

CWE-295

Improper Certificate Validation

CWE-345

Insufficient Verification of Data Authenticity

CWE-352

Cross-Site Request Forgery (CSRF)

CWE-390

Detection of Error Condition Without Action

CWE-400

Uncontrolled Resource Consumption

CWE-404

Improper Resource Shutdown or Release

CWE-405

Asymmetric Resource Consumption (Amplification)

CWE-416

Use After Free

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-450

Multiple Interpretations of UI Input

CWE-459

Incomplete Cleanup

CWE-476

NULL Pointer Dereference

CWE-502

Deserialization of Untrusted Data

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Er zijn kwetsbaarheden verholpen in Oracle Communications.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens\n* (Remote) code execution (Gebruikersrechten)",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Incorrect Conversion between Numeric Types",
        "title": "CWE-681"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
        "title": "CWE-835"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
        "title": "CWE-88"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Integer Coercion Error",
        "title": "CWE-192"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Truncation of Security-relevant Information",
        "title": "CWE-222"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Insufficient Verification of Data Authenticity",
        "title": "CWE-345"
      },
      {
        "category": "general",
        "text": "Cross-Site Request Forgery (CSRF)",
        "title": "CWE-352"
      },
      {
        "category": "general",
        "text": "Detection of Error Condition Without Action",
        "title": "CWE-390"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Asymmetric Resource Consumption (Amplification)",
        "title": "CWE-405"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
        "title": "CWE-444"
      },
      {
        "category": "general",
        "text": "Multiple Interpretations of UI Input",
        "title": "CWE-450"
      },
      {
        "category": "general",
        "text": "Incomplete Cleanup",
        "title": "CWE-459"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10086"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29425"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41184"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34169"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42890"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-48174"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33201"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37920"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44487"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46589"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51775"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5685"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0450"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22019"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22234"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22257"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22262"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23807"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23897"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25062"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25710"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26130"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26308"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27316"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28182"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2961"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34064"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34069"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6162"
      },
      {
        "category": "external",
        "summary": "Reference - oracle",
        "url": "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json"
      },
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; ibm; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Communications",
    "tracking": {
      "current_release_date": "2024-07-17T13:52:53.293003Z",
      "id": "NCSC-2024-0294",
      "initial_release_date": "2024-07-17T13:52:53.293003Z",
      "revision_history": [
        {
          "date": "2024-07-17T13:52:53.293003Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "communications_asap",
            "product": {
              "name": "communications_asap",
              "product_id": "CSAFPID-204629",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_asap:7.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "communications_asap",
            "product": {
              "name": "communications_asap",
              "product_id": "CSAFPID-816792",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:oracle:communications_asap:7.4:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-10086",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-204629",
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2019-10086",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2019/CVE-2019-10086.json"
        }
      ],
      "title": "CVE-2019-10086"
    },
    {
      "cve": "CVE-2021-29425",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-204629",
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-29425",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-29425.json"
        }
      ],
      "title": "CVE-2021-29425"
    },
    {
      "cve": "CVE-2021-37533",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-37533",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37533.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2021-37533"
    },
    {
      "cve": "CVE-2021-41184",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-204629",
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-41184",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41184.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-204629",
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2021-41184"
    },
    {
      "cve": "CVE-2022-34169",
      "cwe": {
        "id": "CWE-192",
        "name": "Integer Coercion Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Integer Coercion Error",
          "title": "CWE-192"
        },
        {
          "category": "other",
          "text": "Incorrect Conversion between Numeric Types",
          "title": "CWE-681"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-204629",
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-34169",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json"
        }
      ],
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2022-36033",
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-36033",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2022-36033"
    },
    {
      "cve": "CVE-2022-42890",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        },
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-42890",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42890.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2022-42890"
    },
    {
      "cve": "CVE-2022-48174",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-48174",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-48174.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2022-48174"
    },
    {
      "cve": "CVE-2023-5685",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-5685",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5685.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2023-5685"
    },
    {
      "cve": "CVE-2023-24998",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-24998",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json"
        }
      ],
      "title": "CVE-2023-24998"
    },
    {
      "cve": "CVE-2023-33201",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-33201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2023-33201"
    },
    {
      "cve": "CVE-2023-37920",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        },
        {
          "category": "other",
          "text": "Insufficient Verification of Data Authenticity",
          "title": "CWE-345"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-37920",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2023-37920"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44487",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
        }
      ],
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-46589",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46589",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2023-48795",
      "cwe": {
        "id": "CWE-222",
        "name": "Truncation of Security-relevant Information"
      },
      "notes": [
        {
          "category": "other",
          "text": "Truncation of Security-relevant Information",
          "title": "CWE-222"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-48795",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-51775",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-51775",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51775.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2023-51775"
    },
    {
      "cve": "CVE-2023-52425",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-52425",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2024-0450",
      "cwe": {
        "id": "CWE-450",
        "name": "Multiple Interpretations of UI Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Multiple Interpretations of UI Input",
          "title": "CWE-450"
        },
        {
          "category": "other",
          "text": "Asymmetric Resource Consumption (Amplification)",
          "title": "CWE-405"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-0450",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0450.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-0450"
    },
    {
      "cve": "CVE-2024-2961",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2961",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2961.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-2961"
    },
    {
      "cve": "CVE-2024-6162",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6162",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6162.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-6162"
    },
    {
      "cve": "CVE-2024-22019",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22019",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22019.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-22019"
    },
    {
      "cve": "CVE-2024-22201",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22201",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22234",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22234",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22234.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-22234"
    },
    {
      "cve": "CVE-2024-22257",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22257",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22257.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-22257"
    },
    {
      "cve": "CVE-2024-22262",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22262",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete Cleanup",
          "title": "CWE-459"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23672",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-23807",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23807",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-23897",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
          "title": "CWE-88"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23897",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23897.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-23897"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-25062",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "other",
          "text": "Use After Free",
          "title": "CWE-416"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25062",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-25710",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
          "title": "CWE-835"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-25710",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-25710"
    },
    {
      "cve": "CVE-2024-26130",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26130",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-26130"
    },
    {
      "cve": "CVE-2024-26308",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-26308",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-27316",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-27316",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27316.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-27316"
    },
    {
      "cve": "CVE-2024-28182",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Detection of Error Condition Without Action",
          "title": "CWE-390"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28182",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28752",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28752",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28752.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-28752"
    },
    {
      "cve": "CVE-2024-28849",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-28849",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-29025",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-29025",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
        }
      ],
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-34064",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34064",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34064.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-34064"
    },
    {
      "cve": "CVE-2024-34069",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Cross-Site Request Forgery (CSRF)",
          "title": "CWE-352"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-816792"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-34069",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34069.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-816792"
          ]
        }
      ],
      "title": "CVE-2024-34069"
    }
  ]
}

ncsc-2025-0123

Vulnerability from csaf_ncscnl

Published

2025-04-16 08:37

Modified

2025-04-16 08:37

Summary

Kwetsbaarheden verholpen in Oracle Database Producten

Notes

Feiten

Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.

Interpretaties

De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores variërend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.

Oplossingen

Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-385

Covert Timing Channel

CWE-347

Improper Verification of Cryptographic Signature

CWE-1286

Improper Validation of Syntactic Correctness of Input

CWE-125

Out-of-bounds Read

CWE-404

Improper Resource Shutdown or Release

CWE-400

Uncontrolled Resource Consumption

CWE-502

Deserialization of Untrusted Data

CWE-918

Server-Side Request Forgery (SSRF)

CWE-787

Out-of-bounds Write

CWE-20

Improper Input Validation

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-44

Path Equivalence: 'file.name' (Internal Dot)

CWE-226

Sensitive Information in Resource Not Removed Before Reuse

CWE-706

Use of Incorrectly-Resolved Name or Reference

CWE-669

Incorrect Resource Transfer Between Spheres

CWE-755

Improper Handling of Exceptional Conditions

CWE-178

Improper Handling of Case Sensitivity

CWE-193

Off-by-one Error

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-523

Unprotected Transport of Credentials

CWE-190

Integer Overflow or Wraparound

CWE-614

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

CWE-285

Improper Authorization

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CWE-284

Improper Access Control

CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-476

NULL Pointer Dereference

CWE-459

Incomplete Cleanup

CWE-94

Improper Control of Generation of Code ('Code Injection')

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-674

Uncontrolled Recursion

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-122

Heap-based Buffer Overflow

CWE-121

Stack-based Buffer Overflow

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-269

Improper Privilege Management

CWE-287

Improper Authentication

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores vari\u00ebrend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Covert Timing Channel",
        "title": "CWE-385"
      },
      {
        "category": "general",
        "text": "Improper Verification of Cryptographic Signature",
        "title": "CWE-347"
      },
      {
        "category": "general",
        "text": "Improper Validation of Syntactic Correctness of Input",
        "title": "CWE-1286"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Write",
        "title": "CWE-787"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
        "title": "CWE-44"
      },
      {
        "category": "general",
        "text": "Sensitive Information in Resource Not Removed Before Reuse",
        "title": "CWE-226"
      },
      {
        "category": "general",
        "text": "Use of Incorrectly-Resolved Name or Reference",
        "title": "CWE-706"
      },
      {
        "category": "general",
        "text": "Incorrect Resource Transfer Between Spheres",
        "title": "CWE-669"
      },
      {
        "category": "general",
        "text": "Improper Handling of Exceptional Conditions",
        "title": "CWE-755"
      },
      {
        "category": "general",
        "text": "Improper Handling of Case Sensitivity",
        "title": "CWE-178"
      },
      {
        "category": "general",
        "text": "Off-by-one Error",
        "title": "CWE-193"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
        "title": "CWE-444"
      },
      {
        "category": "general",
        "text": "Unprotected Transport of Credentials",
        "title": "CWE-523"
      },
      {
        "category": "general",
        "text": "Integer Overflow or Wraparound",
        "title": "CWE-190"
      },
      {
        "category": "general",
        "text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
        "title": "CWE-614"
      },
      {
        "category": "general",
        "text": "Improper Authorization",
        "title": "CWE-285"
      },
      {
        "category": "general",
        "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
        "title": "CWE-362"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
        "title": "CWE-1321"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Incomplete Cleanup",
        "title": "CWE-459"
      },
      {
        "category": "general",
        "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
        "title": "CWE-94"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
        "title": "CWE-74"
      },
      {
        "category": "general",
        "text": "Uncontrolled Recursion",
        "title": "CWE-674"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Stack-based Buffer Overflow",
        "title": "CWE-121"
      },
      {
        "category": "general",
        "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
        "title": "CWE-120"
      },
      {
        "category": "general",
        "text": "Improper Privilege Management",
        "title": "CWE-269"
      },
      {
        "category": "general",
        "text": "Improper Authentication",
        "title": "CWE-287"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd; oracle",
        "url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Oracle Database Producten",
    "tracking": {
      "current_release_date": "2025-04-16T08:37:39.412900Z",
      "generator": {
        "date": "2025-02-25T15:15:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.0"
        }
      },
      "id": "NCSC-2025-0123",
      "initial_release_date": "2025-04-16T08:37:39.412900Z",
      "revision_history": [
        {
          "date": "2025-04-16T08:37:39.412900Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/22.1",
                    "product": {
                      "name": "vers:unknown/22.1",
                      "product_id": "CSAFPID-1304603"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Database Server"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/13.5.0.0",
                    "product": {
                      "name": "vers:unknown/13.5.0.0",
                      "product_id": "CSAFPID-1201359"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Enterprise Manager for Oracle Database"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                    "product": {
                      "name": "vers:unknown/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                      "product_id": "CSAFPID-2698376"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/\u003e=21.3|\u003c=21.17",
                    "product": {
                      "name": "vers:unknown/\u003e=21.3|\u003c=21.17",
                      "product_id": "CSAFPID-2698377"
                    }
                  }
                ],
                "category": "product_name",
                "name": "GoldenGate"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/23.1",
                    "product": {
                      "name": "vers:oracle/23.1",
                      "product_id": "CSAFPID-1238473"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/2.0",
                    "product": {
                      "name": "vers:unknown/2.0",
                      "product_id": "CSAFPID-1237753"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/20.2",
                    "product": {
                      "name": "vers:unknown/20.2",
                      "product_id": "CSAFPID-1238475"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/23.1",
                    "product": {
                      "name": "vers:unknown/23.1",
                      "product_id": "CSAFPID-1296375"
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:unknown/none",
                    "product": {
                      "name": "vers:unknown/none",
                      "product_id": "CSAFPID-1237603"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Big Data Spatial and Graph"
              }
            ],
            "category": "product_family",
            "name": "Oracle"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=19.3|\u003c=19.22",
                "product": {
                  "name": "vers:oracle/\u003e=19.3|\u003c=19.22",
                  "product_id": "CSAFPID-1145825"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=21.3|\u003c=21.13",
                "product": {
                  "name": "vers:oracle/\u003e=21.3|\u003c=21.13",
                  "product_id": "CSAFPID-1145826"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Database Server"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.3|\u003c=19.26",
                    "product": {
                      "name": "vers:oracle/\u003e=19.3|\u003c=19.26",
                      "product_id": "CSAFPID-2698969",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                    "product": {
                      "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                      "product_id": "CSAFPID-2698968",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.4|\u003c=21.16",
                    "product": {
                      "name": "vers:oracle/\u003e=21.4|\u003c=21.16",
                      "product_id": "CSAFPID-1839905",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                    "product": {
                      "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                      "product_id": "CSAFPID-2698934",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Database Server"
              }
            ],
            "category": "product_family",
            "name": "Oracle Database Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/13.5.0.0",
                "product": {
                  "name": "vers:oracle/13.5.0.0",
                  "product_id": "CSAFPID-1144644"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Enterprise Manager for Oracle Database"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/1.5.0",
                    "product": {
                      "name": "vers:oracle/1.5.0",
                      "product_id": "CSAFPID-2699002",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/1.6.0",
                    "product": {
                      "name": "vers:oracle/1.6.0",
                      "product_id": "CSAFPID-2699003",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/1.6.1",
                    "product": {
                      "name": "vers:oracle/1.6.1",
                      "product_id": "CSAFPID-2699004",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle NoSQL Database"
              }
            ],
            "category": "product_family",
            "name": "Oracle NoSQL Database"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=22.1.1.1.0|\u003c=22.1.1.30.0",
                    "product": {
                      "name": "vers:oracle/\u003e=22.1.1.1.0|\u003c=22.1.1.30.0",
                      "product_id": "CSAFPID-2699053",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle TimesTen In-Memory Database"
              }
            ],
            "category": "product_family",
            "name": "Oracle TimesTen In-Memory Database"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/25.1.0",
                    "product": {
                      "name": "vers:oracle/25.1.0",
                      "product_id": "CSAFPID-2698932",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/25.2.0",
                    "product": {
                      "name": "vers:oracle/25.2.0",
                      "product_id": "CSAFPID-2698931",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.8.0|\u003c=23.11.0",
                    "product": {
                      "name": "vers:oracle/\u003e=23.8.0|\u003c=23.11.0",
                      "product_id": "CSAFPID-2698930",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=24.1.0|\u003c=24.11.0",
                    "product": {
                      "name": "vers:oracle/\u003e=24.1.0|\u003c=24.11.0",
                      "product_id": "CSAFPID-2698933",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Autonomous Health Framework"
              }
            ],
            "category": "product_family",
            "name": "Oracle Autonomous Health Framework"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/21.7.1.0.0",
                    "product": {
                      "name": "vers:oracle/21.7.1.0.0",
                      "product_id": "CSAFPID-2698943",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Essbase"
              }
            ],
            "category": "product_family",
            "name": "Oracle Essbase"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.10",
                    "product": {
                      "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.10",
                      "product_id": "CSAFPID-2698949",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "GoldenGate Stream Analytics"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                    "product": {
                      "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
                      "product_id": "CSAFPID-2698941",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                    "product": {
                      "name": "vers:oracle/\u003e=21.3|\u003c=21.17",
                      "product_id": "CSAFPID-2698942",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                    "product": {
                      "name": "vers:oracle/\u003e=23.4|\u003c=23.7",
                      "product_id": "CSAFPID-2699022",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle GoldenGate"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.18",
                    "product": {
                      "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.18",
                      "product_id": "CSAFPID-1839977",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=21.3.0.0.0|\u003c=21.16.0.0.0",
                    "product": {
                      "name": "vers:oracle/\u003e=21.3.0.0.0|\u003c=21.16.0.0.0",
                      "product_id": "CSAFPID-1840034",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/\u003e=23.4|\u003c=23.6",
                    "product": {
                      "name": "vers:oracle/\u003e=23.4|\u003c=23.6",
                      "product_id": "CSAFPID-1840035",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle GoldenGate Big Data and Application Adapters"
              }
            ],
            "category": "product_family",
            "name": "Oracle GoldenGate"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.7",
                "product": {
                  "name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.7",
                  "product_id": "CSAFPID-1144602"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle GoldenGate Stream Analytics"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c23.1",
                "product": {
                  "name": "vers:oracle/\u003c23.1",
                  "product_id": "CSAFPID-1145800"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:unknown/2.0",
                "product": {
                  "name": "vers:unknown/2.0",
                  "product_id": "CSAFPID-356315",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:unknown/23.1",
                "product": {
                  "name": "vers:unknown/23.1",
                  "product_id": "CSAFPID-356152"
                }
              }
            ],
            "category": "product_name",
            "name": "Big Data Spatial and Graph"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/23.4.3",
                    "product": {
                      "name": "vers:oracle/23.4.3",
                      "product_id": "CSAFPID-2699065",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.3.0",
                    "product": {
                      "name": "vers:oracle/24.3.0",
                      "product_id": "CSAFPID-2699066",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/23.4.4",
                    "product": {
                      "name": "vers:oracle/23.4.4",
                      "product_id": "CSAFPID-1840017",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/24.4.0",
                    "product": {
                      "name": "vers:oracle/24.4.0",
                      "product_id": "CSAFPID-1840013",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Graph Server and Client"
              }
            ],
            "category": "product_family",
            "name": "Oracle Graph Server and Client"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c=22.4.7",
                "product": {
                  "name": "vers:oracle/\u003c=22.4.7",
                  "product_id": "CSAFPID-1145419",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c=23.4.2",
                "product": {
                  "name": "vers:oracle/\u003c=23.4.2",
                  "product_id": "CSAFPID-1145421",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:oracle/\u003c=24.1.0",
                "product": {
                  "name": "vers:oracle/\u003c=24.1.0",
                  "product_id": "CSAFPID-1145422",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Graph Server and Client"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:oracle/3.0.6",
                "product": {
                  "name": "vers:oracle/3.0.6",
                  "product_id": "CSAFPID-1145420",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Big Data Spatial and Graph"
          },
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.1.0.1",
                    "product": {
                      "name": "vers:oracle/12.1.0.1",
                      "product_id": "CSAFPID-2699109",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.1.0.2",
                    "product": {
                      "name": "vers:oracle/12.1.0.2",
                      "product_id": "CSAFPID-2699107",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/12.1.0.3",
                    "product": {
                      "name": "vers:oracle/12.1.0.3",
                      "product_id": "CSAFPID-2699106",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/18.1.0.0",
                    "product": {
                      "name": "vers:oracle/18.1.0.0",
                      "product_id": "CSAFPID-2699110",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/18.1.0.1",
                    "product": {
                      "name": "vers:oracle/18.1.0.1",
                      "product_id": "CSAFPID-2698972",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*"
                      }
                    }
                  },
                  {
                    "category": "product_version_range",
                    "name": "vers:oracle/18.1.0.2",
                    "product": {
                      "name": "vers:oracle/18.1.0.2",
                      "product_id": "CSAFPID-2699108",
                      "product_identification_helper": {
                        "cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*"
                      }
                    }
                  }
                ],
                "category": "product_name",
                "name": "Oracle Secure Backup"
              }
            ],
            "category": "product_family",
            "name": "Oracle Secure Backup"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:semver/19.3|\u003c=19.26",
                "product": {
                  "name": "vers:semver/19.3|\u003c=19.26",
                  "product_id": "CSAFPID-2698485"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/21.3|\u003c=21.17",
                "product": {
                  "name": "vers:semver/21.3|\u003c=21.17",
                  "product_id": "CSAFPID-2698486"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/23.4|\u003c=23.7",
                "product": {
                  "name": "vers:semver/23.4|\u003c=23.7",
                  "product_id": "CSAFPID-2698487"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Database Server"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:semver/12.1.0.1",
                "product": {
                  "name": "vers:semver/12.1.0.1",
                  "product_id": "CSAFPID-2698463"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/12.1.0.2",
                "product": {
                  "name": "vers:semver/12.1.0.2",
                  "product_id": "CSAFPID-2698464"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/12.1.0.3",
                "product": {
                  "name": "vers:semver/12.1.0.3",
                  "product_id": "CSAFPID-2698465"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/18.1.0.0",
                "product": {
                  "name": "vers:semver/18.1.0.0",
                  "product_id": "CSAFPID-2698466"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/18.1.0.1",
                "product": {
                  "name": "vers:semver/18.1.0.1",
                  "product_id": "CSAFPID-2698467"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/18.1.0.2",
                "product": {
                  "name": "vers:semver/18.1.0.2",
                  "product_id": "CSAFPID-2698468"
                }
              }
            ],
            "category": "product_name",
            "name": "Oracle Secure Backup"
          }
        ],
        "category": "vendor",
        "name": "Oracle Corporation"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-1935",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-1935",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1935.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-1935"
    },
    {
      "cve": "CVE-2020-1938",
      "cwe": {
        "id": "CWE-285",
        "name": "Improper Authorization"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authorization",
          "title": "CWE-285"
        },
        {
          "category": "other",
          "text": "Improper Privilege Management",
          "title": "CWE-269"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-1938",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1938.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-1938"
    },
    {
      "cve": "CVE-2020-9484",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-9484",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-9484.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-9484"
    },
    {
      "cve": "CVE-2020-11996",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-11996",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11996.json"
        }
      ],
      "title": "CVE-2020-11996"
    },
    {
      "cve": "CVE-2020-13935",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-13935",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13935.json"
        }
      ],
      "title": "CVE-2020-13935"
    },
    {
      "cve": "CVE-2020-13943",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-13943",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13943.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-13943"
    },
    {
      "cve": "CVE-2020-36843",
      "cwe": {
        "id": "CWE-347",
        "name": "Improper Verification of Cryptographic Signature"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Verification of Cryptographic Signature",
          "title": "CWE-347"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-36843",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36843.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2020-36843"
    },
    {
      "cve": "CVE-2021-24122",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-24122",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-24122.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-24122"
    },
    {
      "cve": "CVE-2021-25122",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-25122",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25122.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-25122"
    },
    {
      "cve": "CVE-2021-25329",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-25329",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25329.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-25329"
    },
    {
      "cve": "CVE-2021-30640",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authentication",
          "title": "CWE-287"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-30640",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-30640.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-30640"
    },
    {
      "cve": "CVE-2021-33037",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-33037",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-33037.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-33037"
    },
    {
      "cve": "CVE-2021-41079",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-41079",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41079.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-41079"
    },
    {
      "cve": "CVE-2021-41184",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-41184",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41184.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-41184"
    },
    {
      "cve": "CVE-2021-42575",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-42575",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-42575.json"
        }
      ],
      "title": "CVE-2021-42575"
    },
    {
      "cve": "CVE-2021-43980",
      "cwe": {
        "id": "CWE-362",
        "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
          "title": "CWE-362"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-43980",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-43980.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2021-43980"
    },
    {
      "cve": "CVE-2022-3786",
      "cwe": {
        "id": "CWE-193",
        "name": "Off-by-one Error"
      },
      "notes": [
        {
          "category": "other",
          "text": "Off-by-one Error",
          "title": "CWE-193"
        },
        {
          "category": "other",
          "text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
          "title": "CWE-120"
        },
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        },
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-3786",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3786.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2022-3786"
    },
    {
      "cve": "CVE-2022-25762",
      "cwe": {
        "id": "CWE-226",
        "name": "Sensitive Information in Resource Not Removed Before Reuse"
      },
      "notes": [
        {
          "category": "other",
          "text": "Sensitive Information in Resource Not Removed Before Reuse",
          "title": "CWE-226"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Improper Handling of Exceptional Conditions",
          "title": "CWE-755"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-25762",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-25762.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2022-25762"
    },
    {
      "cve": "CVE-2022-42252",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-42252",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42252.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2022-42252"
    },
    {
      "cve": "CVE-2023-28708",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        },
        {
          "category": "other",
          "text": "Unprotected Transport of Credentials",
          "title": "CWE-523"
        },
        {
          "category": "other",
          "text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
          "title": "CWE-614"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-28708",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28708.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-28708"
    },
    {
      "cve": "CVE-2023-34053",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-34053",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34053.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-34053"
    },
    {
      "cve": "CVE-2023-41080",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-41080",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41080.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-41080"
    },
    {
      "cve": "CVE-2023-42795",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete Cleanup",
          "title": "CWE-459"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-42795",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42795.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-42795"
    },
    {
      "cve": "CVE-2023-44487",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-44487",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-45648",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-45648",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45648.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-45648"
    },
    {
      "cve": "CVE-2023-46589",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-46589",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2024-6763",
      "cwe": {
        "id": "CWE-1286",
        "name": "Improper Validation of Syntactic Correctness of Input"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Validation of Syntactic Correctness of Input",
          "title": "CWE-1286"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-6763",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6763.json"
        }
      ],
      "title": "CVE-2024-6763"
    },
    {
      "cve": "CVE-2024-8176",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Stack-based Buffer Overflow",
          "title": "CWE-121"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-8176",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8176.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-8176"
    },
    {
      "cve": "CVE-2024-8184",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-8184",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8184.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-8184"
    },
    {
      "cve": "CVE-2024-9143",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9143",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
        }
      ],
      "title": "CVE-2024-9143"
    },
    {
      "cve": "CVE-2024-11053",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "notes": [
        {
          "category": "other",
          "text": "Exposure of Sensitive Information to an Unauthorized Actor",
          "title": "CWE-200"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11053",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11053"
    },
    {
      "cve": "CVE-2024-11233",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "notes": [
        {
          "category": "other",
          "text": "Heap-based Buffer Overflow",
          "title": "CWE-122"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11233",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11233.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11233"
    },
    {
      "cve": "CVE-2024-11234",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
          "title": "CWE-74"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11234",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11234.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11234"
    },
    {
      "cve": "CVE-2024-11236",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        },
        {
          "category": "other",
          "text": "Integer Overflow or Wraparound",
          "title": "CWE-190"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-11236",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11236.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-11236"
    },
    {
      "cve": "CVE-2024-13176",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "notes": [
        {
          "category": "other",
          "text": "Covert Timing Channel",
          "title": "CWE-385"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-13176",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-13176.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-13176"
    },
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete Cleanup",
          "title": "CWE-459"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23672",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-36114",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "other",
          "text": "Out-of-bounds Write",
          "title": "CWE-787"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36114",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36114.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-36114"
    },
    {
      "cve": "CVE-2024-37891",
      "cwe": {
        "id": "CWE-669",
        "name": "Incorrect Resource Transfer Between Spheres"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incorrect Resource Transfer Between Spheres",
          "title": "CWE-669"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-37891",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38819",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38819",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-38819"
    },
    {
      "cve": "CVE-2024-38820",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        },
        {
          "category": "other",
          "text": "Improper Handling of Case Sensitivity",
          "title": "CWE-178"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38820",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-38820"
    },
    {
      "cve": "CVE-2024-38999",
      "cwe": {
        "id": "CWE-1321",
        "name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
          "title": "CWE-1321"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38999",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 10.0,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-38999"
    },
    {
      "cve": "CVE-2024-39338",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-39338",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39338.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-39338"
    },
    {
      "cve": "CVE-2024-47554",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47554",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-47554"
    },
    {
      "cve": "CVE-2024-47561",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-47561",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-47561"
    },
    {
      "cve": "CVE-2024-53382",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
          "title": "CWE-94"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-53382",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53382.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-53382"
    },
    {
      "cve": "CVE-2024-57699",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Uncontrolled Recursion",
          "title": "CWE-674"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-57699",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-57699.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2024-57699"
    },
    {
      "cve": "CVE-2025-21578",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-21578",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21578.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-21578"
    },
    {
      "cve": "CVE-2025-24813",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
          "title": "CWE-44"
        },
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        },
        {
          "category": "other",
          "text": "Use of Incorrectly-Resolved Name or Reference",
          "title": "CWE-706"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24813",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24813.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-24813"
    },
    {
      "cve": "CVE-2025-24970",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-24970",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-24970"
    },
    {
      "cve": "CVE-2025-25193",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-25193",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25193.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-25193"
    },
    {
      "cve": "CVE-2025-26791",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-26791",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26791.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-26791"
    },
    {
      "cve": "CVE-2025-30694",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30694",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30694.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30694"
    },
    {
      "cve": "CVE-2025-30701",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30701",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30701.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30701"
    },
    {
      "cve": "CVE-2025-30702",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30702",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30702.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30702"
    },
    {
      "cve": "CVE-2025-30733",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30733",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30733.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30733"
    },
    {
      "cve": "CVE-2025-30736",
      "product_status": {
        "known_affected": [
          "CSAFPID-1304603",
          "CSAFPID-1201359",
          "CSAFPID-1145825",
          "CSAFPID-2698969",
          "CSAFPID-1145826",
          "CSAFPID-2698968",
          "CSAFPID-1839905",
          "CSAFPID-2698934",
          "CSAFPID-1144644",
          "CSAFPID-2699002",
          "CSAFPID-2699003",
          "CSAFPID-2699004",
          "CSAFPID-2699053",
          "CSAFPID-2698485",
          "CSAFPID-2698486",
          "CSAFPID-2698487",
          "CSAFPID-2698932",
          "CSAFPID-2698931",
          "CSAFPID-2698930",
          "CSAFPID-2698933",
          "CSAFPID-2698943",
          "CSAFPID-2698376",
          "CSAFPID-2698377",
          "CSAFPID-2698949",
          "CSAFPID-2698941",
          "CSAFPID-2698942",
          "CSAFPID-2699022",
          "CSAFPID-1839977",
          "CSAFPID-1840034",
          "CSAFPID-1840035",
          "CSAFPID-1144602",
          "CSAFPID-1238473",
          "CSAFPID-1145800",
          "CSAFPID-356315",
          "CSAFPID-1237753",
          "CSAFPID-1238475",
          "CSAFPID-1296375",
          "CSAFPID-356152",
          "CSAFPID-1237603",
          "CSAFPID-2699065",
          "CSAFPID-2699066",
          "CSAFPID-1840017",
          "CSAFPID-1840013",
          "CSAFPID-1145419",
          "CSAFPID-1145421",
          "CSAFPID-1145422",
          "CSAFPID-1145420",
          "CSAFPID-2699109",
          "CSAFPID-2699107",
          "CSAFPID-2699106",
          "CSAFPID-2699110",
          "CSAFPID-2698972",
          "CSAFPID-2699108",
          "CSAFPID-2698463",
          "CSAFPID-2698464",
          "CSAFPID-2698465",
          "CSAFPID-2698466",
          "CSAFPID-2698467",
          "CSAFPID-2698468"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-30736",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30736.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1304603",
            "CSAFPID-1201359",
            "CSAFPID-1145825",
            "CSAFPID-2698969",
            "CSAFPID-1145826",
            "CSAFPID-2698968",
            "CSAFPID-1839905",
            "CSAFPID-2698934",
            "CSAFPID-1144644",
            "CSAFPID-2699002",
            "CSAFPID-2699003",
            "CSAFPID-2699004",
            "CSAFPID-2699053",
            "CSAFPID-2698485",
            "CSAFPID-2698486",
            "CSAFPID-2698487",
            "CSAFPID-2698932",
            "CSAFPID-2698931",
            "CSAFPID-2698930",
            "CSAFPID-2698933",
            "CSAFPID-2698943",
            "CSAFPID-2698376",
            "CSAFPID-2698377",
            "CSAFPID-2698949",
            "CSAFPID-2698941",
            "CSAFPID-2698942",
            "CSAFPID-2699022",
            "CSAFPID-1839977",
            "CSAFPID-1840034",
            "CSAFPID-1840035",
            "CSAFPID-1144602",
            "CSAFPID-1238473",
            "CSAFPID-1145800",
            "CSAFPID-356315",
            "CSAFPID-1237753",
            "CSAFPID-1238475",
            "CSAFPID-1296375",
            "CSAFPID-356152",
            "CSAFPID-1237603",
            "CSAFPID-2699065",
            "CSAFPID-2699066",
            "CSAFPID-1840017",
            "CSAFPID-1840013",
            "CSAFPID-1145419",
            "CSAFPID-1145421",
            "CSAFPID-1145422",
            "CSAFPID-1145420",
            "CSAFPID-2699109",
            "CSAFPID-2699107",
            "CSAFPID-2699106",
            "CSAFPID-2699110",
            "CSAFPID-2698972",
            "CSAFPID-2699108",
            "CSAFPID-2698463",
            "CSAFPID-2698464",
            "CSAFPID-2698465",
            "CSAFPID-2698466",
            "CSAFPID-2698467",
            "CSAFPID-2698468"
          ]
        }
      ],
      "title": "CVE-2025-30736"
    }
  ]
}

ncsc-2024-0231

Vulnerability from csaf_ncscnl

Published

2024-05-22 11:13

Modified

2024-05-22 11:13

Summary

Kwetsbaarheden verholpen in Atlassian producten

Notes

Feiten

Atlassian heeft kwetsbaarheden verholpen in diverse producten, zoals Jira, Confluence en Bitbucket.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade: - Cross-Site Request Forgery (XSRF) - Denial-of-Service (DoS) - Omzeilen van authenticatie - (Remote) code execution (Administrator/Root rechten) - (Remote) code execution (Gebruikersrechten) - SQL Injection - Toegang tot systeemgegevens

Oplossingen

Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie: https://confluence.atlassian.com/security/security-bulletin-may-21-2024-1387867145.html

Kans

medium

Schade

high

CWE-284

Improper Access Control

CWE-20

Improper Input Validation

CWE-281

Improper Preservation of Permissions

CWE-400

Uncontrolled Resource Consumption

CWE-404

Improper Resource Shutdown or Release

CWE-444

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')

CWE-459

Incomplete Cleanup

CWE-502

Deserialization of Untrusted Data

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

CWE-770

Allocation of Resources Without Limits or Throttling

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CWE-913

Improper Control of Dynamically-Managed Code Resources

CWE-96

Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection')

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Atlassian heeft kwetsbaarheden verholpen in diverse producten, zoals Jira, Confluence en Bitbucket.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Cross-Site Request Forgery (XSRF)\n- Denial-of-Service (DoS)\n- Omzeilen van authenticatie\n- (Remote) code execution (Administrator/Root rechten)\n- (Remote) code execution (Gebruikersrechten)\n- SQL Injection\n- Toegang tot systeemgegevens\n",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie:\n\nhttps://confluence.atlassian.com/security/security-bulletin-may-21-2024-1387867145.html",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Access Control",
        "title": "CWE-284"
      },
      {
        "category": "general",
        "text": "Improper Input Validation",
        "title": "CWE-20"
      },
      {
        "category": "general",
        "text": "Improper Preservation of Permissions",
        "title": "CWE-281"
      },
      {
        "category": "general",
        "text": "Uncontrolled Resource Consumption",
        "title": "CWE-400"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
        "title": "CWE-444"
      },
      {
        "category": "general",
        "text": "Incomplete Cleanup",
        "title": "CWE-459"
      },
      {
        "category": "general",
        "text": "Deserialization of Untrusted Data",
        "title": "CWE-502"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      },
      {
        "category": "general",
        "text": "Allocation of Resources Without Limits or Throttling",
        "title": "CWE-770"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
        "title": "CWE-89"
      },
      {
        "category": "general",
        "text": "Improper Control of Dynamically-Managed Code Resources",
        "title": "CWE-913"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)",
        "title": "CWE-96"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd",
        "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1387867145"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Atlassian producten",
    "tracking": {
      "current_release_date": "2024-05-22T11:13:07.693855Z",
      "id": "NCSC-2024-0231",
      "initial_release_date": "2024-05-22T11:13:07.693855Z",
      "revision_history": [
        {
          "date": "2024-05-22T11:13:07.693855Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "bamboo",
            "product": {
              "name": "bamboo",
              "product_id": "CSAFPID-716889",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "bitbucket",
            "product": {
              "name": "bitbucket",
              "product_id": "CSAFPID-344199",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "confluence",
            "product": {
              "name": "confluence",
              "product_id": "CSAFPID-551338",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "crowd",
            "product": {
              "name": "crowd",
              "product_id": "CSAFPID-344399",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "jira_service_management",
            "product": {
              "name": "jira_service_management",
              "product_id": "CSAFPID-343852",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "jira_service_management",
            "product": {
              "name": "jira_service_management",
              "product_id": "CSAFPID-343851",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "jira",
            "product": {
              "name": "jira",
              "product_id": "CSAFPID-98204",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "atlassian"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-7656",
      "cwe": {
        "id": "CWE-444",
        "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
          "title": "CWE-444"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2017-7656",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2017/CVE-2017-7656.json"
        }
      ],
      "title": "CVE-2017-7656"
    },
    {
      "cve": "CVE-2017-9735",
      "references": [
        {
          "category": "self",
          "summary": "CVE-2017-9735",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2017/CVE-2017-9735.json"
        }
      ],
      "title": "CVE-2017-9735"
    },
    {
      "cve": "CVE-2020-10672",
      "cwe": {
        "id": "CWE-96",
        "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)",
          "title": "CWE-96"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-10672",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10672.json"
        }
      ],
      "title": "CVE-2020-10672"
    },
    {
      "cve": "CVE-2020-10673",
      "cwe": {
        "id": "CWE-96",
        "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)",
          "title": "CWE-96"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-10673",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10673.json"
        }
      ],
      "title": "CVE-2020-10673"
    },
    {
      "cve": "CVE-2020-10968",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-10968",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10968.json"
        }
      ],
      "title": "CVE-2020-10968"
    },
    {
      "cve": "CVE-2020-10969",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-10969",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-10969.json"
        }
      ],
      "title": "CVE-2020-10969"
    },
    {
      "cve": "CVE-2020-11111",
      "cwe": {
        "id": "CWE-96",
        "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)",
          "title": "CWE-96"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-11111",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11111.json"
        }
      ],
      "title": "CVE-2020-11111"
    },
    {
      "cve": "CVE-2020-11112",
      "cwe": {
        "id": "CWE-96",
        "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)",
          "title": "CWE-96"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-11112",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11112.json"
        }
      ],
      "title": "CVE-2020-11112"
    },
    {
      "cve": "CVE-2020-11113",
      "cwe": {
        "id": "CWE-96",
        "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)",
          "title": "CWE-96"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-11113",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11113.json"
        }
      ],
      "title": "CVE-2020-11113"
    },
    {
      "cve": "CVE-2020-24616",
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-24616",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-24616.json"
        }
      ],
      "title": "CVE-2020-24616"
    },
    {
      "cve": "CVE-2020-35728",
      "cwe": {
        "id": "CWE-96",
        "name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)",
          "title": "CWE-96"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-35728",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-35728.json"
        }
      ],
      "title": "CVE-2020-35728"
    },
    {
      "cve": "CVE-2020-36179",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-36179",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36179.json"
        }
      ],
      "title": "CVE-2020-36179"
    },
    {
      "cve": "CVE-2020-36180",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-36180",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36180.json"
        }
      ],
      "title": "CVE-2020-36180"
    },
    {
      "cve": "CVE-2020-36181",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-36181",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36181.json"
        }
      ],
      "title": "CVE-2020-36181"
    },
    {
      "cve": "CVE-2020-36182",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-36182",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36182.json"
        }
      ],
      "title": "CVE-2020-36182"
    },
    {
      "cve": "CVE-2020-36184",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-36184",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36184.json"
        }
      ],
      "title": "CVE-2020-36184"
    },
    {
      "cve": "CVE-2020-36188",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-36188",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36188.json"
        }
      ],
      "title": "CVE-2020-36188"
    },
    {
      "cve": "CVE-2021-28165",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "other",
          "text": "Uncontrolled Resource Consumption",
          "title": "CWE-400"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2021-28165",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-28165.json"
        }
      ],
      "title": "CVE-2021-28165"
    },
    {
      "cve": "CVE-2022-25647",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-25647",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-25647.json"
        }
      ],
      "title": "CVE-2022-25647"
    },
    {
      "cve": "CVE-2022-41966",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "notes": [
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        },
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-41966",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41966.json"
        }
      ],
      "title": "CVE-2022-41966"
    },
    {
      "cve": "CVE-2022-42003",
      "cwe": {
        "id": "CWE-404",
        "name": "Improper Resource Shutdown or Release"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Resource Shutdown or Release",
          "title": "CWE-404"
        },
        {
          "category": "other",
          "text": "Deserialization of Untrusted Data",
          "title": "CWE-502"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2022-42003",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42003.json"
        }
      ],
      "title": "CVE-2022-42003"
    },
    {
      "cve": "CVE-2023-4759",
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-4759",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json"
        }
      ],
      "title": "CVE-2023-4759"
    },
    {
      "cve": "CVE-2023-34396",
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-34396",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34396.json"
        }
      ],
      "title": "CVE-2023-34396"
    },
    {
      "cve": "CVE-2023-41835",
      "cwe": {
        "id": "CWE-913",
        "name": "Improper Control of Dynamically-Managed Code Resources"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Control of Dynamically-Managed Code Resources",
          "title": "CWE-913"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-41835",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41835.json"
        }
      ],
      "title": "CVE-2023-41835"
    },
    {
      "cve": "CVE-2023-45859",
      "cwe": {
        "id": "CWE-281",
        "name": "Improper Preservation of Permissions"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Preservation of Permissions",
          "title": "CWE-281"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-45859",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45859.json"
        }
      ],
      "title": "CVE-2023-45859"
    },
    {
      "cve": "CVE-2024-1597",
      "cwe": {
        "id": "CWE-89",
        "name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
          "title": "CWE-89"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-1597",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1597.json"
        }
      ],
      "title": "CVE-2024-1597"
    },
    {
      "cve": "CVE-2024-21634",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "notes": [
        {
          "category": "other",
          "text": "Allocation of Resources Without Limits or Throttling",
          "title": "CWE-770"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21634",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21634.json"
        }
      ],
      "title": "CVE-2024-21634"
    },
    {
      "cve": "CVE-2024-21683",
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-21683",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21683.json"
        }
      ],
      "title": "CVE-2024-21683"
    },
    {
      "cve": "CVE-2024-22257",
      "cwe": {
        "id": "CWE-284",
        "name": "Improper Access Control"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Access Control",
          "title": "CWE-284"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22257",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22257.json"
        }
      ],
      "title": "CVE-2024-22257"
    },
    {
      "cve": "CVE-2024-22262",
      "cwe": {
        "id": "CWE-601",
        "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-22262",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
        }
      ],
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "notes": [
        {
          "category": "other",
          "text": "Incomplete Cleanup",
          "title": "CWE-459"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-23672",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Input Validation",
          "title": "CWE-20"
        }
      ],
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-24549",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
        }
      ],
      "title": "CVE-2024-24549"
    }
  ]
}

opensuse-su-2024:13833-1

Vulnerability from csaf_opensuse

Published

2024-06-15 00:00

Modified

2024-06-15 00:00

Summary

tomcat10-10.1.20-1.1 on GA media

Notes

Title of the patch

tomcat10-10.1.20-1.1 on GA media

Description of the patch

These are all security issues fixed in the tomcat10-10.1.20-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-13833

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "tomcat10-10.1.20-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the tomcat10-10.1.20-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-13833",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13833-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-23672 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-23672/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24549 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24549/"
      }
    ],
    "title": "tomcat10-10.1.20-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:13833-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat10-10.1.20-1.1.aarch64",
                "product": {
                  "name": "tomcat10-10.1.20-1.1.aarch64",
                  "product_id": "tomcat10-10.1.20-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-admin-webapps-10.1.20-1.1.aarch64",
                "product": {
                  "name": "tomcat10-admin-webapps-10.1.20-1.1.aarch64",
                  "product_id": "tomcat10-admin-webapps-10.1.20-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-doc-10.1.20-1.1.aarch64",
                "product": {
                  "name": "tomcat10-doc-10.1.20-1.1.aarch64",
                  "product_id": "tomcat10-doc-10.1.20-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-docs-webapp-10.1.20-1.1.aarch64",
                "product": {
                  "name": "tomcat10-docs-webapp-10.1.20-1.1.aarch64",
                  "product_id": "tomcat10-docs-webapp-10.1.20-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-el-5_0-api-10.1.20-1.1.aarch64",
                "product": {
                  "name": "tomcat10-el-5_0-api-10.1.20-1.1.aarch64",
                  "product_id": "tomcat10-el-5_0-api-10.1.20-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-embed-10.1.20-1.1.aarch64",
                "product": {
                  "name": "tomcat10-embed-10.1.20-1.1.aarch64",
                  "product_id": "tomcat10-embed-10.1.20-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64",
                "product": {
                  "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64",
                  "product_id": "tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsvc-10.1.20-1.1.aarch64",
                "product": {
                  "name": "tomcat10-jsvc-10.1.20-1.1.aarch64",
                  "product_id": "tomcat10-jsvc-10.1.20-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-lib-10.1.20-1.1.aarch64",
                "product": {
                  "name": "tomcat10-lib-10.1.20-1.1.aarch64",
                  "product_id": "tomcat10-lib-10.1.20-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64",
                "product": {
                  "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64",
                  "product_id": "tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-webapps-10.1.20-1.1.aarch64",
                "product": {
                  "name": "tomcat10-webapps-10.1.20-1.1.aarch64",
                  "product_id": "tomcat10-webapps-10.1.20-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat10-10.1.20-1.1.ppc64le",
                "product": {
                  "name": "tomcat10-10.1.20-1.1.ppc64le",
                  "product_id": "tomcat10-10.1.20-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-admin-webapps-10.1.20-1.1.ppc64le",
                "product": {
                  "name": "tomcat10-admin-webapps-10.1.20-1.1.ppc64le",
                  "product_id": "tomcat10-admin-webapps-10.1.20-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-doc-10.1.20-1.1.ppc64le",
                "product": {
                  "name": "tomcat10-doc-10.1.20-1.1.ppc64le",
                  "product_id": "tomcat10-doc-10.1.20-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-docs-webapp-10.1.20-1.1.ppc64le",
                "product": {
                  "name": "tomcat10-docs-webapp-10.1.20-1.1.ppc64le",
                  "product_id": "tomcat10-docs-webapp-10.1.20-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-el-5_0-api-10.1.20-1.1.ppc64le",
                "product": {
                  "name": "tomcat10-el-5_0-api-10.1.20-1.1.ppc64le",
                  "product_id": "tomcat10-el-5_0-api-10.1.20-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-embed-10.1.20-1.1.ppc64le",
                "product": {
                  "name": "tomcat10-embed-10.1.20-1.1.ppc64le",
                  "product_id": "tomcat10-embed-10.1.20-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le",
                "product": {
                  "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le",
                  "product_id": "tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsvc-10.1.20-1.1.ppc64le",
                "product": {
                  "name": "tomcat10-jsvc-10.1.20-1.1.ppc64le",
                  "product_id": "tomcat10-jsvc-10.1.20-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-lib-10.1.20-1.1.ppc64le",
                "product": {
                  "name": "tomcat10-lib-10.1.20-1.1.ppc64le",
                  "product_id": "tomcat10-lib-10.1.20-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le",
                "product": {
                  "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le",
                  "product_id": "tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-webapps-10.1.20-1.1.ppc64le",
                "product": {
                  "name": "tomcat10-webapps-10.1.20-1.1.ppc64le",
                  "product_id": "tomcat10-webapps-10.1.20-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat10-10.1.20-1.1.s390x",
                "product": {
                  "name": "tomcat10-10.1.20-1.1.s390x",
                  "product_id": "tomcat10-10.1.20-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-admin-webapps-10.1.20-1.1.s390x",
                "product": {
                  "name": "tomcat10-admin-webapps-10.1.20-1.1.s390x",
                  "product_id": "tomcat10-admin-webapps-10.1.20-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-doc-10.1.20-1.1.s390x",
                "product": {
                  "name": "tomcat10-doc-10.1.20-1.1.s390x",
                  "product_id": "tomcat10-doc-10.1.20-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-docs-webapp-10.1.20-1.1.s390x",
                "product": {
                  "name": "tomcat10-docs-webapp-10.1.20-1.1.s390x",
                  "product_id": "tomcat10-docs-webapp-10.1.20-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-el-5_0-api-10.1.20-1.1.s390x",
                "product": {
                  "name": "tomcat10-el-5_0-api-10.1.20-1.1.s390x",
                  "product_id": "tomcat10-el-5_0-api-10.1.20-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-embed-10.1.20-1.1.s390x",
                "product": {
                  "name": "tomcat10-embed-10.1.20-1.1.s390x",
                  "product_id": "tomcat10-embed-10.1.20-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.s390x",
                "product": {
                  "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.s390x",
                  "product_id": "tomcat10-jsp-3_1-api-10.1.20-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsvc-10.1.20-1.1.s390x",
                "product": {
                  "name": "tomcat10-jsvc-10.1.20-1.1.s390x",
                  "product_id": "tomcat10-jsvc-10.1.20-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-lib-10.1.20-1.1.s390x",
                "product": {
                  "name": "tomcat10-lib-10.1.20-1.1.s390x",
                  "product_id": "tomcat10-lib-10.1.20-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.s390x",
                "product": {
                  "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.s390x",
                  "product_id": "tomcat10-servlet-6_0-api-10.1.20-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-webapps-10.1.20-1.1.s390x",
                "product": {
                  "name": "tomcat10-webapps-10.1.20-1.1.s390x",
                  "product_id": "tomcat10-webapps-10.1.20-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat10-10.1.20-1.1.x86_64",
                "product": {
                  "name": "tomcat10-10.1.20-1.1.x86_64",
                  "product_id": "tomcat10-10.1.20-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-admin-webapps-10.1.20-1.1.x86_64",
                "product": {
                  "name": "tomcat10-admin-webapps-10.1.20-1.1.x86_64",
                  "product_id": "tomcat10-admin-webapps-10.1.20-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-doc-10.1.20-1.1.x86_64",
                "product": {
                  "name": "tomcat10-doc-10.1.20-1.1.x86_64",
                  "product_id": "tomcat10-doc-10.1.20-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-docs-webapp-10.1.20-1.1.x86_64",
                "product": {
                  "name": "tomcat10-docs-webapp-10.1.20-1.1.x86_64",
                  "product_id": "tomcat10-docs-webapp-10.1.20-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-el-5_0-api-10.1.20-1.1.x86_64",
                "product": {
                  "name": "tomcat10-el-5_0-api-10.1.20-1.1.x86_64",
                  "product_id": "tomcat10-el-5_0-api-10.1.20-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-embed-10.1.20-1.1.x86_64",
                "product": {
                  "name": "tomcat10-embed-10.1.20-1.1.x86_64",
                  "product_id": "tomcat10-embed-10.1.20-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64",
                "product": {
                  "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64",
                  "product_id": "tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsvc-10.1.20-1.1.x86_64",
                "product": {
                  "name": "tomcat10-jsvc-10.1.20-1.1.x86_64",
                  "product_id": "tomcat10-jsvc-10.1.20-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-lib-10.1.20-1.1.x86_64",
                "product": {
                  "name": "tomcat10-lib-10.1.20-1.1.x86_64",
                  "product_id": "tomcat10-lib-10.1.20-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64",
                "product": {
                  "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64",
                  "product_id": "tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-webapps-10.1.20-1.1.x86_64",
                "product": {
                  "name": "tomcat10-webapps-10.1.20-1.1.x86_64",
                  "product_id": "tomcat10-webapps-10.1.20-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.20-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.aarch64"
        },
        "product_reference": "tomcat10-10.1.20-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.20-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.ppc64le"
        },
        "product_reference": "tomcat10-10.1.20-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.20-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.s390x"
        },
        "product_reference": "tomcat10-10.1.20-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.20-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.x86_64"
        },
        "product_reference": "tomcat10-10.1.20-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.20-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.aarch64"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.20-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.20-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.ppc64le"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.20-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.20-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.s390x"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.20-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.20-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.x86_64"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.20-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-doc-10.1.20-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.aarch64"
        },
        "product_reference": "tomcat10-doc-10.1.20-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-doc-10.1.20-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.ppc64le"
        },
        "product_reference": "tomcat10-doc-10.1.20-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-doc-10.1.20-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.s390x"
        },
        "product_reference": "tomcat10-doc-10.1.20-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-doc-10.1.20-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.x86_64"
        },
        "product_reference": "tomcat10-doc-10.1.20-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-docs-webapp-10.1.20-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.aarch64"
        },
        "product_reference": "tomcat10-docs-webapp-10.1.20-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-docs-webapp-10.1.20-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.ppc64le"
        },
        "product_reference": "tomcat10-docs-webapp-10.1.20-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-docs-webapp-10.1.20-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.s390x"
        },
        "product_reference": "tomcat10-docs-webapp-10.1.20-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-docs-webapp-10.1.20-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.x86_64"
        },
        "product_reference": "tomcat10-docs-webapp-10.1.20-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.20-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.aarch64"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.20-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.20-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.ppc64le"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.20-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.20-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.s390x"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.20-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.20-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.x86_64"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.20-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-embed-10.1.20-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.aarch64"
        },
        "product_reference": "tomcat10-embed-10.1.20-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-embed-10.1.20-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.ppc64le"
        },
        "product_reference": "tomcat10-embed-10.1.20-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-embed-10.1.20-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.s390x"
        },
        "product_reference": "tomcat10-embed-10.1.20-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-embed-10.1.20-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.x86_64"
        },
        "product_reference": "tomcat10-embed-10.1.20-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.s390x"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.20-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsvc-10.1.20-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.aarch64"
        },
        "product_reference": "tomcat10-jsvc-10.1.20-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsvc-10.1.20-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.ppc64le"
        },
        "product_reference": "tomcat10-jsvc-10.1.20-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsvc-10.1.20-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.s390x"
        },
        "product_reference": "tomcat10-jsvc-10.1.20-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsvc-10.1.20-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.x86_64"
        },
        "product_reference": "tomcat10-jsvc-10.1.20-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.20-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.aarch64"
        },
        "product_reference": "tomcat10-lib-10.1.20-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.20-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.ppc64le"
        },
        "product_reference": "tomcat10-lib-10.1.20-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.20-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.s390x"
        },
        "product_reference": "tomcat10-lib-10.1.20-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.20-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.x86_64"
        },
        "product_reference": "tomcat10-lib-10.1.20-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.s390x"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.20-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.20-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.aarch64"
        },
        "product_reference": "tomcat10-webapps-10.1.20-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.20-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.ppc64le"
        },
        "product_reference": "tomcat10-webapps-10.1.20-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.20-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.s390x"
        },
        "product_reference": "tomcat10-webapps-10.1.20-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.20-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.x86_64"
        },
        "product_reference": "tomcat10-webapps-10.1.20-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-23672"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nOlder, EOL versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-23672",
          "url": "https://www.suse.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221385 for CVE-2024-23672",
          "url": "https://bugzilla.suse.com/1221385"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24549"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.s390x",
          "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24549",
          "url": "https://www.suse.com/security/cve/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221386 for CVE-2024-24549",
          "url": "https://bugzilla.suse.com/1221386"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-admin-webapps-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-doc-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-docs-webapp-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-el-5_0-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-embed-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-jsp-3_1-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-jsvc-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-lib-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-servlet-6_0-api-10.1.20-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.s390x",
            "openSUSE Tumbleweed:tomcat10-webapps-10.1.20-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24549"
    }
  ]
}

opensuse-su-2024:13832-1

Vulnerability from csaf_opensuse

Published

2024-06-15 00:00

Modified

2024-06-15 00:00

Summary

tomcat-9.0.87-1.1 on GA media

Notes

Title of the patch

tomcat-9.0.87-1.1 on GA media

Description of the patch

These are all security issues fixed in the tomcat-9.0.87-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-13832

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "tomcat-9.0.87-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the tomcat-9.0.87-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-13832",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13832-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-23672 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-23672/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24549 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24549/"
      }
    ],
    "title": "tomcat-9.0.87-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:13832-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-9.0.87-1.1.aarch64",
                "product": {
                  "name": "tomcat-9.0.87-1.1.aarch64",
                  "product_id": "tomcat-9.0.87-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-9.0.87-1.1.aarch64",
                "product": {
                  "name": "tomcat-admin-webapps-9.0.87-1.1.aarch64",
                  "product_id": "tomcat-admin-webapps-9.0.87-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-9.0.87-1.1.aarch64",
                "product": {
                  "name": "tomcat-docs-webapp-9.0.87-1.1.aarch64",
                  "product_id": "tomcat-docs-webapp-9.0.87-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3_0-api-9.0.87-1.1.aarch64",
                "product": {
                  "name": "tomcat-el-3_0-api-9.0.87-1.1.aarch64",
                  "product_id": "tomcat-el-3_0-api-9.0.87-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-embed-9.0.87-1.1.aarch64",
                "product": {
                  "name": "tomcat-embed-9.0.87-1.1.aarch64",
                  "product_id": "tomcat-embed-9.0.87-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-javadoc-9.0.87-1.1.aarch64",
                "product": {
                  "name": "tomcat-javadoc-9.0.87-1.1.aarch64",
                  "product_id": "tomcat-javadoc-9.0.87-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2_3-api-9.0.87-1.1.aarch64",
                "product": {
                  "name": "tomcat-jsp-2_3-api-9.0.87-1.1.aarch64",
                  "product_id": "tomcat-jsp-2_3-api-9.0.87-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsvc-9.0.87-1.1.aarch64",
                "product": {
                  "name": "tomcat-jsvc-9.0.87-1.1.aarch64",
                  "product_id": "tomcat-jsvc-9.0.87-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-9.0.87-1.1.aarch64",
                "product": {
                  "name": "tomcat-lib-9.0.87-1.1.aarch64",
                  "product_id": "tomcat-lib-9.0.87-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4_0-api-9.0.87-1.1.aarch64",
                "product": {
                  "name": "tomcat-servlet-4_0-api-9.0.87-1.1.aarch64",
                  "product_id": "tomcat-servlet-4_0-api-9.0.87-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-9.0.87-1.1.aarch64",
                "product": {
                  "name": "tomcat-webapps-9.0.87-1.1.aarch64",
                  "product_id": "tomcat-webapps-9.0.87-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-9.0.87-1.1.ppc64le",
                "product": {
                  "name": "tomcat-9.0.87-1.1.ppc64le",
                  "product_id": "tomcat-9.0.87-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-9.0.87-1.1.ppc64le",
                "product": {
                  "name": "tomcat-admin-webapps-9.0.87-1.1.ppc64le",
                  "product_id": "tomcat-admin-webapps-9.0.87-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-9.0.87-1.1.ppc64le",
                "product": {
                  "name": "tomcat-docs-webapp-9.0.87-1.1.ppc64le",
                  "product_id": "tomcat-docs-webapp-9.0.87-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3_0-api-9.0.87-1.1.ppc64le",
                "product": {
                  "name": "tomcat-el-3_0-api-9.0.87-1.1.ppc64le",
                  "product_id": "tomcat-el-3_0-api-9.0.87-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-embed-9.0.87-1.1.ppc64le",
                "product": {
                  "name": "tomcat-embed-9.0.87-1.1.ppc64le",
                  "product_id": "tomcat-embed-9.0.87-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-javadoc-9.0.87-1.1.ppc64le",
                "product": {
                  "name": "tomcat-javadoc-9.0.87-1.1.ppc64le",
                  "product_id": "tomcat-javadoc-9.0.87-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le",
                "product": {
                  "name": "tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le",
                  "product_id": "tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsvc-9.0.87-1.1.ppc64le",
                "product": {
                  "name": "tomcat-jsvc-9.0.87-1.1.ppc64le",
                  "product_id": "tomcat-jsvc-9.0.87-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-9.0.87-1.1.ppc64le",
                "product": {
                  "name": "tomcat-lib-9.0.87-1.1.ppc64le",
                  "product_id": "tomcat-lib-9.0.87-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le",
                "product": {
                  "name": "tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le",
                  "product_id": "tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-9.0.87-1.1.ppc64le",
                "product": {
                  "name": "tomcat-webapps-9.0.87-1.1.ppc64le",
                  "product_id": "tomcat-webapps-9.0.87-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-9.0.87-1.1.s390x",
                "product": {
                  "name": "tomcat-9.0.87-1.1.s390x",
                  "product_id": "tomcat-9.0.87-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-9.0.87-1.1.s390x",
                "product": {
                  "name": "tomcat-admin-webapps-9.0.87-1.1.s390x",
                  "product_id": "tomcat-admin-webapps-9.0.87-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-9.0.87-1.1.s390x",
                "product": {
                  "name": "tomcat-docs-webapp-9.0.87-1.1.s390x",
                  "product_id": "tomcat-docs-webapp-9.0.87-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3_0-api-9.0.87-1.1.s390x",
                "product": {
                  "name": "tomcat-el-3_0-api-9.0.87-1.1.s390x",
                  "product_id": "tomcat-el-3_0-api-9.0.87-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-embed-9.0.87-1.1.s390x",
                "product": {
                  "name": "tomcat-embed-9.0.87-1.1.s390x",
                  "product_id": "tomcat-embed-9.0.87-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-javadoc-9.0.87-1.1.s390x",
                "product": {
                  "name": "tomcat-javadoc-9.0.87-1.1.s390x",
                  "product_id": "tomcat-javadoc-9.0.87-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2_3-api-9.0.87-1.1.s390x",
                "product": {
                  "name": "tomcat-jsp-2_3-api-9.0.87-1.1.s390x",
                  "product_id": "tomcat-jsp-2_3-api-9.0.87-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsvc-9.0.87-1.1.s390x",
                "product": {
                  "name": "tomcat-jsvc-9.0.87-1.1.s390x",
                  "product_id": "tomcat-jsvc-9.0.87-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-9.0.87-1.1.s390x",
                "product": {
                  "name": "tomcat-lib-9.0.87-1.1.s390x",
                  "product_id": "tomcat-lib-9.0.87-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4_0-api-9.0.87-1.1.s390x",
                "product": {
                  "name": "tomcat-servlet-4_0-api-9.0.87-1.1.s390x",
                  "product_id": "tomcat-servlet-4_0-api-9.0.87-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-9.0.87-1.1.s390x",
                "product": {
                  "name": "tomcat-webapps-9.0.87-1.1.s390x",
                  "product_id": "tomcat-webapps-9.0.87-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-9.0.87-1.1.x86_64",
                "product": {
                  "name": "tomcat-9.0.87-1.1.x86_64",
                  "product_id": "tomcat-9.0.87-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-9.0.87-1.1.x86_64",
                "product": {
                  "name": "tomcat-admin-webapps-9.0.87-1.1.x86_64",
                  "product_id": "tomcat-admin-webapps-9.0.87-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-9.0.87-1.1.x86_64",
                "product": {
                  "name": "tomcat-docs-webapp-9.0.87-1.1.x86_64",
                  "product_id": "tomcat-docs-webapp-9.0.87-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3_0-api-9.0.87-1.1.x86_64",
                "product": {
                  "name": "tomcat-el-3_0-api-9.0.87-1.1.x86_64",
                  "product_id": "tomcat-el-3_0-api-9.0.87-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-embed-9.0.87-1.1.x86_64",
                "product": {
                  "name": "tomcat-embed-9.0.87-1.1.x86_64",
                  "product_id": "tomcat-embed-9.0.87-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-javadoc-9.0.87-1.1.x86_64",
                "product": {
                  "name": "tomcat-javadoc-9.0.87-1.1.x86_64",
                  "product_id": "tomcat-javadoc-9.0.87-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2_3-api-9.0.87-1.1.x86_64",
                "product": {
                  "name": "tomcat-jsp-2_3-api-9.0.87-1.1.x86_64",
                  "product_id": "tomcat-jsp-2_3-api-9.0.87-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsvc-9.0.87-1.1.x86_64",
                "product": {
                  "name": "tomcat-jsvc-9.0.87-1.1.x86_64",
                  "product_id": "tomcat-jsvc-9.0.87-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-9.0.87-1.1.x86_64",
                "product": {
                  "name": "tomcat-lib-9.0.87-1.1.x86_64",
                  "product_id": "tomcat-lib-9.0.87-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4_0-api-9.0.87-1.1.x86_64",
                "product": {
                  "name": "tomcat-servlet-4_0-api-9.0.87-1.1.x86_64",
                  "product_id": "tomcat-servlet-4_0-api-9.0.87-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-9.0.87-1.1.x86_64",
                "product": {
                  "name": "tomcat-webapps-9.0.87-1.1.x86_64",
                  "product_id": "tomcat-webapps-9.0.87-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-9.0.87-1.1.aarch64"
        },
        "product_reference": "tomcat-9.0.87-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-9.0.87-1.1.ppc64le"
        },
        "product_reference": "tomcat-9.0.87-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-9.0.87-1.1.s390x"
        },
        "product_reference": "tomcat-9.0.87-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-9.0.87-1.1.x86_64"
        },
        "product_reference": "tomcat-9.0.87-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.aarch64"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.ppc64le"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.s390x"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.x86_64"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-9.0.87-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.aarch64"
        },
        "product_reference": "tomcat-docs-webapp-9.0.87-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-9.0.87-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.ppc64le"
        },
        "product_reference": "tomcat-docs-webapp-9.0.87-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-9.0.87-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.s390x"
        },
        "product_reference": "tomcat-docs-webapp-9.0.87-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-9.0.87-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.x86_64"
        },
        "product_reference": "tomcat-docs-webapp-9.0.87-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.aarch64"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.ppc64le"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.s390x"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.x86_64"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-embed-9.0.87-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.aarch64"
        },
        "product_reference": "tomcat-embed-9.0.87-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-embed-9.0.87-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.ppc64le"
        },
        "product_reference": "tomcat-embed-9.0.87-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-embed-9.0.87-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.s390x"
        },
        "product_reference": "tomcat-embed-9.0.87-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-embed-9.0.87-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.x86_64"
        },
        "product_reference": "tomcat-embed-9.0.87-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-9.0.87-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.aarch64"
        },
        "product_reference": "tomcat-javadoc-9.0.87-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-9.0.87-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.ppc64le"
        },
        "product_reference": "tomcat-javadoc-9.0.87-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-9.0.87-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.s390x"
        },
        "product_reference": "tomcat-javadoc-9.0.87-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-9.0.87-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.x86_64"
        },
        "product_reference": "tomcat-javadoc-9.0.87-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.aarch64"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.s390x"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.x86_64"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-9.0.87-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.aarch64"
        },
        "product_reference": "tomcat-jsvc-9.0.87-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-9.0.87-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.ppc64le"
        },
        "product_reference": "tomcat-jsvc-9.0.87-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-9.0.87-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.s390x"
        },
        "product_reference": "tomcat-jsvc-9.0.87-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-9.0.87-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.x86_64"
        },
        "product_reference": "tomcat-jsvc-9.0.87-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.aarch64"
        },
        "product_reference": "tomcat-lib-9.0.87-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.ppc64le"
        },
        "product_reference": "tomcat-lib-9.0.87-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.s390x"
        },
        "product_reference": "tomcat-lib-9.0.87-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.x86_64"
        },
        "product_reference": "tomcat-lib-9.0.87-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.aarch64"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.s390x"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.x86_64"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.aarch64"
        },
        "product_reference": "tomcat-webapps-9.0.87-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.ppc64le"
        },
        "product_reference": "tomcat-webapps-9.0.87-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.s390x"
        },
        "product_reference": "tomcat-webapps-9.0.87-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.x86_64"
        },
        "product_reference": "tomcat-webapps-9.0.87-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-23672"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nOlder, EOL versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:tomcat-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-23672",
          "url": "https://www.suse.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221385 for CVE-2024-23672",
          "url": "https://bugzilla.suse.com/1221385"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24549"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:tomcat-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.x86_64",
          "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.aarch64",
          "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.ppc64le",
          "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.s390x",
          "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24549",
          "url": "https://www.suse.com/security/cve/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221386 for CVE-2024-24549",
          "url": "https://bugzilla.suse.com/1221386"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-admin-webapps-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-docs-webapp-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-el-3_0-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-embed-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-javadoc-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-jsp-2_3-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-jsvc-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-lib-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-servlet-4_0-api-9.0.87-1.1.x86_64",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.aarch64",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.ppc64le",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.s390x",
            "openSUSE Tumbleweed:tomcat-webapps-9.0.87-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24549"
    }
  ]
}

wid-sec-w-2024-1238

Vulnerability from csaf_certbund

Published

2024-05-27 22:00

Modified

2024-05-27 22:00

Summary

HPE HP-UX: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

HP-UX ist ein Unix Betriebssystem von HP.

Angriff

Ein anonymer oder lokaler Angreifer kann mehrere Schwachstellen in HPE HP-UX Tomcat Servlet Engine ausnutzen, um Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "HP-UX ist ein Unix Betriebssystem von HP.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein anonymer oder lokaler Angreifer kann mehrere Schwachstellen in HPE HP-UX Tomcat Servlet Engine ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1238 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1238.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1238 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1238"
      },
      {
        "category": "external",
        "summary": "HPE Security Bulletin HPESBUX04652 rev.1 vom 2024-05-27",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbux04652en_us\u0026docLocale=en_US"
      }
    ],
    "source_lang": "en-US",
    "title": "HPE HP-UX: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-05-27T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:09:34.846+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1238",
      "initial_release_date": "2024-05-27T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-05-27T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Apache Tomcat 9 Servlet Engine \u003cD.9.0.87.01",
                "product": {
                  "name": "HPE HP-UX Apache Tomcat 9 Servlet Engine \u003cD.9.0.87.01",
                  "product_id": "T035072"
                }
              }
            ],
            "category": "product_name",
            "name": "HP-UX"
          }
        ],
        "category": "vendor",
        "name": "HPE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-12616",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2017-12616"
    },
    {
      "cve": "CVE-2017-12617",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2017-12617"
    },
    {
      "cve": "CVE-2021-30639",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2021-30639"
    },
    {
      "cve": "CVE-2021-30640",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2021-30640"
    },
    {
      "cve": "CVE-2021-33037",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2021-33037"
    },
    {
      "cve": "CVE-2021-41079",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2021-41079"
    },
    {
      "cve": "CVE-2021-42340",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2021-42340"
    },
    {
      "cve": "CVE-2021-43980",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2021-43980"
    },
    {
      "cve": "CVE-2022-23181",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2022-23181"
    },
    {
      "cve": "CVE-2022-29885",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2022-29885"
    },
    {
      "cve": "CVE-2022-34305",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2022-34305"
    },
    {
      "cve": "CVE-2022-42252",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2022-42252"
    },
    {
      "cve": "CVE-2022-45143",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2022-45143"
    },
    {
      "cve": "CVE-2023-24998",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2023-24998"
    },
    {
      "cve": "CVE-2023-28708",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2023-28708"
    },
    {
      "cve": "CVE-2023-28709",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2023-28709"
    },
    {
      "cve": "CVE-2023-34981",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2023-34981"
    },
    {
      "cve": "CVE-2023-41080",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2023-41080"
    },
    {
      "cve": "CVE-2023-42794",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2023-42794"
    },
    {
      "cve": "CVE-2023-42795",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2023-42795"
    },
    {
      "cve": "CVE-2023-44487",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-45648",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2023-45648"
    },
    {
      "cve": "CVE-2023-46589",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2024-23672",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in HPE HP-UX in der Tomcat-basierten Servlet-Engine. Ein anonymer oder lokaler Angreifer kann diese ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen oder Dateien zu manipulieren. Einige dieser Schwachstellen erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
        }
      ],
      "release_date": "2024-05-27T22:00:00.000+00:00",
      "title": "CVE-2024-24549"
    }
  ]
}

wid-sec-w-2024-3377

Vulnerability from csaf_certbund

Published

2024-11-07 23:00

Modified

2025-08-04 22:00

Summary

Dell PowerProtect Data Domain: Mehrere Schwachstellen

Notes

Produktbeschreibung

Dell PowerProtect Data Domain Appliances sind speziell für Backup und Daten-Deduplizierung ausgelegte Systeme.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um seine Privilegien zu erhöhen, Informationen offenzulegen und um nicht näher beschriebene Auswirkungen zu erzielen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Dell PowerProtect Data Domain Appliances sind speziell f\u00fcr Backup und Daten-Deduplizierung ausgelegte Systeme.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Dell PowerProtect Data Domain ausnutzen, um seine Privilegien zu erh\u00f6hen, Informationen offenzulegen und um nicht n\u00e4her beschriebene Auswirkungen zu erzielen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3377 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3377.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3377 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3377"
      },
      {
        "category": "external",
        "summary": "Dell Security Update",
        "url": "https://www.dell.com/support/kbdoc/de-de/000245360/dsa-2024-424-security-update-for-dell-pdsa-2024-424-security-update-for-dell-powerprotect-dd-vulnerabilityowerprotect-dd-vulnerability"
      },
      {
        "category": "external",
        "summary": "Security Update for Dell PowerProtect Data Domain",
        "url": "https://www.dell.com/support/kbdoc/en-us/000348708/dsa-2025-159-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities"
      }
    ],
    "source_lang": "en-US",
    "title": "Dell PowerProtect Data Domain: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-08-04T22:00:00.000+00:00",
      "generator": {
        "date": "2025-08-05T07:21:01.974+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2024-3377",
      "initial_release_date": "2024-11-07T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-11-07T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-08-04T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c8.1.0.0",
                "product": {
                  "name": "Dell PowerProtect Data Domain \u003c8.1.0.0",
                  "product_id": "T038861"
                }
              },
              {
                "category": "product_version",
                "name": "8.1.0.0",
                "product": {
                  "name": "Dell PowerProtect Data Domain 8.1.0.0",
                  "product_id": "T038861-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:powerprotect_data_domain:8.1.0.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.13.1.10",
                "product": {
                  "name": "Dell PowerProtect Data Domain \u003c7.13.1.10",
                  "product_id": "T038862"
                }
              },
              {
                "category": "product_version",
                "name": "7.13.1.10",
                "product": {
                  "name": "Dell PowerProtect Data Domain 7.13.1.10",
                  "product_id": "T038862-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:powerprotect_data_domain:7.13.1.10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.10.1.40",
                "product": {
                  "name": "Dell PowerProtect Data Domain \u003c7.10.1.40",
                  "product_id": "T038863"
                }
              },
              {
                "category": "product_version",
                "name": "7.10.1.40",
                "product": {
                  "name": "Dell PowerProtect Data Domain 7.10.1.40",
                  "product_id": "T038863-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:powerprotect_data_domain:7.10.1.40"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.7.5.50",
                "product": {
                  "name": "Dell PowerProtect Data Domain \u003c7.7.5.50",
                  "product_id": "T038864"
                }
              },
              {
                "category": "product_version",
                "name": "7.7.5.50",
                "product": {
                  "name": "Dell PowerProtect Data Domain 7.7.5.50",
                  "product_id": "T038864-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:powerprotect_data_domain:7.7.5.50"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Dell PowerProtect Data Domain",
                "product": {
                  "name": "Dell PowerProtect Data Domain",
                  "product_id": "T045852",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:powerprotect_data_domain:-"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "PowerProtect Data Domain"
          },
          {
            "category": "product_name",
            "name": "Dell PowerProtect Data Domain Management Center",
            "product": {
              "name": "Dell PowerProtect Data Domain Management Center",
              "product_id": "T045853",
              "product_identification_helper": {
                "cpe": "cpe:/a:dell:powerprotect_data_domain_management_center:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Dell PowerProtect Data Domain OS",
            "product": {
              "name": "Dell PowerProtect Data Domain OS",
              "product_id": "T045854",
              "product_identification_helper": {
                "cpe": "cpe:/o:dell:powerprotect_data_domain_os:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Dell"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-45759",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-45759"
    },
    {
      "cve": "CVE-2024-48010",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-48010"
    },
    {
      "cve": "CVE-2024-48011",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-48011"
    },
    {
      "cve": "CVE-2017-16829",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2017-16829"
    },
    {
      "cve": "CVE-2017-5849",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2017-5849"
    },
    {
      "cve": "CVE-2018-7208",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2018-7208"
    },
    {
      "cve": "CVE-2019-14889",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2019-14889"
    },
    {
      "cve": "CVE-2020-12912",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2020-12912"
    },
    {
      "cve": "CVE-2020-16135",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2020-16135"
    },
    {
      "cve": "CVE-2020-1730",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2020-1730"
    },
    {
      "cve": "CVE-2020-24455",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2020-24455"
    },
    {
      "cve": "CVE-2020-8694",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2020-8694"
    },
    {
      "cve": "CVE-2020-8695",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2020-8695"
    },
    {
      "cve": "CVE-2021-27219",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2021-27219"
    },
    {
      "cve": "CVE-2021-3565",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2021-3565"
    },
    {
      "cve": "CVE-2021-3634",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2021-3634"
    },
    {
      "cve": "CVE-2022-1210",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-1210"
    },
    {
      "cve": "CVE-2022-1622",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-1622"
    },
    {
      "cve": "CVE-2022-1996",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-1996"
    },
    {
      "cve": "CVE-2022-22576",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-22576"
    },
    {
      "cve": "CVE-2022-25313",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-25313"
    },
    {
      "cve": "CVE-2022-27774",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-27774"
    },
    {
      "cve": "CVE-2022-27775",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-27775"
    },
    {
      "cve": "CVE-2022-27776",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-27776"
    },
    {
      "cve": "CVE-2022-27781",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-27781"
    },
    {
      "cve": "CVE-2022-27782",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-27782"
    },
    {
      "cve": "CVE-2022-29361",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-29361"
    },
    {
      "cve": "CVE-2022-32205",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-32205"
    },
    {
      "cve": "CVE-2022-32206",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-32206"
    },
    {
      "cve": "CVE-2022-32207",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-32207"
    },
    {
      "cve": "CVE-2022-32208",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-32208"
    },
    {
      "cve": "CVE-2022-32221",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-32221"
    },
    {
      "cve": "CVE-2022-35252",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-35252"
    },
    {
      "cve": "CVE-2022-40023",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-40023"
    },
    {
      "cve": "CVE-2022-40090",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-40090"
    },
    {
      "cve": "CVE-2022-42915",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-42915"
    },
    {
      "cve": "CVE-2022-42916",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-42916"
    },
    {
      "cve": "CVE-2022-43551",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-43551"
    },
    {
      "cve": "CVE-2022-43552",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-43552"
    },
    {
      "cve": "CVE-2022-4603",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-4603"
    },
    {
      "cve": "CVE-2022-48064",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-48064"
    },
    {
      "cve": "CVE-2022-48624",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2022-48624"
    },
    {
      "cve": "CVE-2023-0461",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-0461"
    },
    {
      "cve": "CVE-2023-1667",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-1667"
    },
    {
      "cve": "CVE-2023-1916",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-1916"
    },
    {
      "cve": "CVE-2023-20592",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-20592"
    },
    {
      "cve": "CVE-2023-2137",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-2137"
    },
    {
      "cve": "CVE-2023-22745",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-22745"
    },
    {
      "cve": "CVE-2023-2283",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-2283"
    },
    {
      "cve": "CVE-2023-23914",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-23914"
    },
    {
      "cve": "CVE-2023-23915",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-23915"
    },
    {
      "cve": "CVE-2023-23916",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-23916"
    },
    {
      "cve": "CVE-2023-23934",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-23934"
    },
    {
      "cve": "CVE-2023-25577",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-25577"
    },
    {
      "cve": "CVE-2023-26965",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-26965"
    },
    {
      "cve": "CVE-2023-27043",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-27043"
    },
    {
      "cve": "CVE-2023-2731",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-2731"
    },
    {
      "cve": "CVE-2023-27533",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-27533"
    },
    {
      "cve": "CVE-2023-27534",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-27534"
    },
    {
      "cve": "CVE-2023-27535",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-27535"
    },
    {
      "cve": "CVE-2023-27536",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-27536"
    },
    {
      "cve": "CVE-2023-27538",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-27538"
    },
    {
      "cve": "CVE-2023-28319",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-28319"
    },
    {
      "cve": "CVE-2023-28320",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-28320"
    },
    {
      "cve": "CVE-2023-28321",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-28321"
    },
    {
      "cve": "CVE-2023-28322",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-28322"
    },
    {
      "cve": "CVE-2023-31083",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-31083"
    },
    {
      "cve": "CVE-2023-34055",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-34055"
    },
    {
      "cve": "CVE-2023-35116",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-35116"
    },
    {
      "cve": "CVE-2023-38286",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-38286"
    },
    {
      "cve": "CVE-2023-38469",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-38469"
    },
    {
      "cve": "CVE-2023-38471",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-38471"
    },
    {
      "cve": "CVE-2023-38472",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-38472"
    },
    {
      "cve": "CVE-2023-38545",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-38545"
    },
    {
      "cve": "CVE-2023-38546",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-38546"
    },
    {
      "cve": "CVE-2023-39197",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-39197"
    },
    {
      "cve": "CVE-2023-39198",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-39198"
    },
    {
      "cve": "CVE-2023-39804",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-39804"
    },
    {
      "cve": "CVE-2023-40217",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-40217"
    },
    {
      "cve": "CVE-2023-42465",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-42465"
    },
    {
      "cve": "CVE-2023-4255",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-4255"
    },
    {
      "cve": "CVE-2023-45139",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-45139"
    },
    {
      "cve": "CVE-2023-45322",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-45322"
    },
    {
      "cve": "CVE-2023-45863",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-45863"
    },
    {
      "cve": "CVE-2023-45871",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-45871"
    },
    {
      "cve": "CVE-2023-46136",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-46136"
    },
    {
      "cve": "CVE-2023-46218",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-46218"
    },
    {
      "cve": "CVE-2023-46219",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-46219"
    },
    {
      "cve": "CVE-2023-46751",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-46751"
    },
    {
      "cve": "CVE-2023-48795",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-49083",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-49083"
    },
    {
      "cve": "CVE-2023-50447",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-50447"
    },
    {
      "cve": "CVE-2023-5049",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-5049"
    },
    {
      "cve": "CVE-2023-50495",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-50495"
    },
    {
      "cve": "CVE-2023-50782",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-50782"
    },
    {
      "cve": "CVE-2023-51257",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-51257"
    },
    {
      "cve": "CVE-2023-52425",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-52426",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-52426"
    },
    {
      "cve": "CVE-2023-5678",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-5717",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-5717"
    },
    {
      "cve": "CVE-2023-5752",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-5752"
    },
    {
      "cve": "CVE-2023-6004",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-6004"
    },
    {
      "cve": "CVE-2023-6597",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-6597"
    },
    {
      "cve": "CVE-2023-6918",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-6918"
    },
    {
      "cve": "CVE-2023-7207",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2023-7207"
    },
    {
      "cve": "CVE-2024-0450",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-0450"
    },
    {
      "cve": "CVE-2024-0727",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-0727"
    },
    {
      "cve": "CVE-2024-0985",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-0985"
    },
    {
      "cve": "CVE-2024-21626",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-21626"
    },
    {
      "cve": "CVE-2024-22195",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-22195"
    },
    {
      "cve": "CVE-2024-22365",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-22365"
    },
    {
      "cve": "CVE-2024-23651",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-23651"
    },
    {
      "cve": "CVE-2024-23652",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-23652"
    },
    {
      "cve": "CVE-2024-23653",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-23653"
    },
    {
      "cve": "CVE-2024-23672",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-25062",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-26130",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-26130"
    },
    {
      "cve": "CVE-2024-26458",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-26458"
    },
    {
      "cve": "CVE-2024-26461",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-26461"
    },
    {
      "cve": "CVE-2024-28085",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-28085"
    },
    {
      "cve": "CVE-2024-28182",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28219",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-28219"
    },
    {
      "cve": "CVE-2024-28757",
      "product_status": {
        "known_affected": [
          "T045853",
          "T045852",
          "T045854",
          "T038864",
          "T038863",
          "T038862",
          "T038861"
        ]
      },
      "release_date": "2024-11-07T23:00:00.000+00:00",
      "title": "CVE-2024-28757"
    }
  ]
}

wid-sec-w-2024-0769

Vulnerability from csaf_certbund

Published

2024-04-02 22:00

Modified

2024-11-07 23:00

Summary

IBM Rational Build Forge: Mehrere Schwachstellen

Notes

Produktbeschreibung

IBM Rational Build Forge ist ein Framework zur Automatisierung und Standardisierung des Softwareerstellungsprozesses

Angriff

Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Rational Build Forge ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuführen.

Betroffene Betriebssysteme

- Linux - Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "IBM Rational Build Forge ist ein Framework zur Automatisierung und Standardisierung des Softwareerstellungsprozesses",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Rational Build Forge ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0769 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0769.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0769 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0769"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin vom 2024-04-02",
        "url": "https://www.ibm.com/support/pages/node/7145704"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:3949-1 vom 2024-11-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019796.html"
      }
    ],
    "source_lang": "en-US",
    "title": "IBM Rational Build Forge: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-11-07T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-08T11:11:40.811+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-0769",
      "initial_release_date": "2024-04-02T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-04-02T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-11-07T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c8.0.0.26",
                "product": {
                  "name": "IBM Rational Build Forge \u003c8.0.0.26",
                  "product_id": "T033838"
                }
              },
              {
                "category": "product_version",
                "name": "8.0.0.26",
                "product": {
                  "name": "IBM Rational Build Forge 8.0.0.26",
                  "product_id": "T033838-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:rational_build_forge:8.0.0.26"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Rational Build Forge"
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-22067",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-22067"
    },
    {
      "cve": "CVE-2023-22081",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-22081"
    },
    {
      "cve": "CVE-2023-31122",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-31122"
    },
    {
      "cve": "CVE-2023-33850",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-33850"
    },
    {
      "cve": "CVE-2023-43622",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-43622"
    },
    {
      "cve": "CVE-2023-45802",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-45802"
    },
    {
      "cve": "CVE-2023-46589",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2023-5676",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-5676"
    },
    {
      "cve": "CVE-2023-5678",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-5678"
    },
    {
      "cve": "CVE-2023-6129",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-6129"
    },
    {
      "cve": "CVE-2023-6237",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-6237"
    },
    {
      "cve": "CVE-2023-6710",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2023-6710"
    },
    {
      "cve": "CVE-2024-0727",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2024-0727"
    },
    {
      "cve": "CVE-2024-20918",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2024-20918"
    },
    {
      "cve": "CVE-2024-20919",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2024-20919"
    },
    {
      "cve": "CVE-2024-20921",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2024-20921"
    },
    {
      "cve": "CVE-2024-20926",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2024-20926"
    },
    {
      "cve": "CVE-2024-20945",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2024-20945"
    },
    {
      "cve": "CVE-2024-20952",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2024-20952"
    },
    {
      "cve": "CVE-2024-21733",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2024-21733"
    },
    {
      "cve": "CVE-2024-23672",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "notes": [
        {
          "category": "description",
          "text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
        }
      ],
      "product_status": {
        "known_affected": [
          "T002207",
          "T033838"
        ]
      },
      "release_date": "2024-04-02T22:00:00.000+00:00",
      "title": "CVE-2024-24549"
    }
  ]
}

wid-sec-w-2024-0630

Vulnerability from csaf_certbund

Published

2024-03-13 23:00

Modified

2025-06-09 22:00

Summary

Apache Tomcat: Mehrere Schwachstellen ermöglichen Denial of Service

Notes

Produktbeschreibung

Apache Tomcat ist ein Web-Applikationsserver für verschiedene Plattformen.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache Tomcat ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Apache Tomcat ist ein Web-Applikationsserver f\u00fcr verschiedene Plattformen.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apache Tomcat ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0630 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0630.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0630 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0630"
      },
      {
        "category": "external",
        "summary": "Apache Pony Mail vom 2024-03-13",
        "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
      },
      {
        "category": "external",
        "summary": "Apache Pony Mail vom 2024-03-13",
        "url": "https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg"
      },
      {
        "category": "external",
        "summary": "oss-sec mailing list archives vom 2024-03-13",
        "url": "https://seclists.org/oss-sec/2024/q1/225"
      },
      {
        "category": "external",
        "summary": "oss-sec mailing list archives vom 2024-03-13",
        "url": "https://seclists.org/oss-sec/2024/q1/226"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1319 vom 2024-03-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:1319"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1318 vom 2024-03-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:1318"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1325 vom 2024-03-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:1325"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1324 vom 2024-03-18",
        "url": "https://access.redhat.com/errata/RHSA-2024:1324"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7147535 vom 2024-04-05",
        "url": "https://www.ibm.com/support/pages/node/7147535"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3779 vom 2024-04-06",
        "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1205-1 vom 2024-04-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018318.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1204-1 vom 2024-04-11",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018319.html"
      },
      {
        "category": "external",
        "summary": "SEM 2024.2 release notes vom 2024-04-17",
        "url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2024-2_release_notes.htm"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7148395 vom 2024-04-16",
        "url": "https://www.ibm.com/support/pages/node/7148395"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7148394 vom 2024-04-16",
        "url": "https://www.ibm.com/support/pages/node/7148394"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASTOMCAT8.5-2024-019 vom 2024-04-18",
        "url": "https://alas.aws.amazon.com/AL2/ALASTOMCAT8.5-2024-019.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5665 vom 2024-04-18",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00074.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALASTOMCAT9-2024-013 vom 2024-04-18",
        "url": "https://alas.aws.amazon.com/AL2/ALASTOMCAT9-2024-013.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-2514 vom 2024-04-18",
        "url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2514.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:1345-1 vom 2024-04-18",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018380.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-5667 vom 2024-04-19",
        "url": "https://lists.debian.org/debian-security-announce/2024/msg00076.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1913 vom 2024-05-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:1913"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1914 vom 2024-05-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:1914"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1916 vom 2024-05-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:1916"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:1917 vom 2024-05-07",
        "url": "https://access.redhat.com/errata/RHSA-2024:1917"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7153639 vom 2024-05-17",
        "url": "https://www.ibm.com/support/pages/node/7153639"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3307 vom 2024-05-23",
        "url": "https://access.redhat.com/errata/RHSA-2024:3307"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3308 vom 2024-05-23",
        "url": "https://access.redhat.com/errata/RHSA-2024:3308"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-3307 vom 2024-05-24",
        "url": "https://linux.oracle.com/errata/ELSA-2024-3307.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-2BF73514CD vom 2024-05-28",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-2bf73514cd"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3666 vom 2024-06-06",
        "url": "https://access.redhat.com/errata/RHSA-2024:3666"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-3666 vom 2024-06-07",
        "url": "http://linux.oracle.com/errata/ELSA-2024-3666.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-C404B99F19 vom 2024-06-07",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-c404b99f19"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3814 vom 2024-06-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:3814"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2024:3307 vom 2024-06-14",
        "url": "https://errata.build.resf.org/RLSA-2024:3307"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7156538 vom 2024-06-19",
        "url": "https://www.ibm.com/support/pages/node/7156538"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS-2024-1941 vom 2024-06-24",
        "url": "https://alas.aws.amazon.com/ALAS-2024-1941.html"
      },
      {
        "category": "external",
        "summary": "Camunda 7 Docs",
        "url": "https://docs.camunda.org/security/notices/#notice-113"
      },
      {
        "category": "external",
        "summary": "IBM Security Bulletin 7166855 vom 2024-08-29",
        "url": "https://www.ibm.com/support/pages/node/7166855"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-423 vom 2024-10-11",
        "url": "https://www.dell.com/support/kbdoc/de-de/000235068/dsa-2024-423-security-update-for-dell-networker-and-networker-management-console-nmc-multiple-component-vulnerabilities"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7106-1 vom 2024-11-18",
        "url": "https://ubuntu.com/security/notices/USN-7106-1"
      },
      {
        "category": "external",
        "summary": "Atlassian November 2024 Security Bulletin vom 2024-11-19",
        "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1456179091"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7562-1 vom 2025-06-10",
        "url": "https://ubuntu.com/security/notices/USN-7562-1"
      }
    ],
    "source_lang": "en-US",
    "title": "Apache Tomcat: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2025-06-09T22:00:00.000+00:00",
      "generator": {
        "date": "2025-06-10T08:19:22.866+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2024-0630",
      "initial_release_date": "2024-03-13T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-03-13T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-03-17T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-03-18T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-04-04T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von IBM-APAR und IBM aufgenommen"
        },
        {
          "date": "2024-04-07T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-04-11T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-04-16T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-04-17T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Amazon und Debian aufgenommen"
        },
        {
          "date": "2024-04-18T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-04-21T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-05-07T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-16T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-05-22T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-23T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-05-28T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2024-06-05T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-06T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-06-09T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2024-06-11T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-06-16T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2024-06-19T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-06-24T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2024-07-01T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2024-08-29T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von IBM aufgenommen"
        },
        {
          "date": "2024-10-10T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Dell aufgenommen"
        },
        {
          "date": "2024-11-17T23:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2024-11-19T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2025-06-09T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        }
      ],
      "status": "final",
      "version": "28"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c11.0.0-M17",
                "product": {
                  "name": "Apache Tomcat \u003c11.0.0-M17",
                  "product_id": "T033484"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.0-M17",
                "product": {
                  "name": "Apache Tomcat 11.0.0-M17",
                  "product_id": "T033484-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:11.0.0-m17"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.19",
                "product": {
                  "name": "Apache Tomcat \u003c10.1.19",
                  "product_id": "T033485"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.19",
                "product": {
                  "name": "Apache Tomcat 10.1.19",
                  "product_id": "T033485-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:10.1.19"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c9.0.86",
                "product": {
                  "name": "Apache Tomcat \u003c9.0.86",
                  "product_id": "T033486"
                }
              },
              {
                "category": "product_version",
                "name": "9.0.86",
                "product": {
                  "name": "Apache Tomcat 9.0.86",
                  "product_id": "T033486-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:9.0.86"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.5.99",
                "product": {
                  "name": "Apache Tomcat \u003c8.5.99",
                  "product_id": "T033487"
                }
              },
              {
                "category": "product_version",
                "name": "8.5.99",
                "product": {
                  "name": "Apache Tomcat 8.5.99",
                  "product_id": "T033487-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:apache:tomcat:8.5.99"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Tomcat"
          }
        ],
        "category": "vendor",
        "name": "Apache"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Atlassian Bitbucket",
            "product": {
              "name": "Atlassian Bitbucket",
              "product_id": "T021356",
              "product_identification_helper": {
                "cpe": "cpe:/a:atlassian:bitbucket:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c19.10.0.5",
                "product": {
                  "name": "Dell NetWorker \u003c19.10.0.5",
                  "product_id": "T038270"
                }
              },
              {
                "category": "product_version",
                "name": "19.10.0.5",
                "product": {
                  "name": "Dell NetWorker 19.10.0.5",
                  "product_id": "T038270-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:networker:19.10.0.5"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "NetWorker"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "IBM FlashSystem",
            "product": {
              "name": "IBM FlashSystem",
              "product_id": "T025159",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:flashsystem:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=10.1.0.3",
                "product": {
                  "name": "IBM Integration Bus \u003c=10.1.0.3",
                  "product_id": "T033332"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=10.1.0.3",
                "product": {
                  "name": "IBM Integration Bus \u003c=10.1.0.3",
                  "product_id": "T033332-fixed"
                }
              }
            ],
            "category": "product_name",
            "name": "Integration Bus"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "v10",
                "product": {
                  "name": "IBM Power Hardware Management Console v10",
                  "product_id": "T023373",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:hardware_management_console:v10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Power Hardware Management Console"
          },
          {
            "category": "product_name",
            "name": "IBM SAN Volume Controller",
            "product": {
              "name": "IBM SAN Volume Controller",
              "product_id": "T020642",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:san_volume_controller:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "12",
                "product": {
                  "name": "IBM Security Guardium 12.0",
                  "product_id": "T031092",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:ibm:security_guardium:12.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Security Guardium"
          },
          {
            "category": "product_name",
            "name": "IBM Storwize",
            "product": {
              "name": "IBM Storwize",
              "product_id": "T021621",
              "product_identification_helper": {
                "cpe": "cpe:/a:ibm:storwize:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "IBM"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c7.21.3",
                "product": {
                  "name": "Open Source Camunda \u003c7.21.3",
                  "product_id": "T035710"
                }
              },
              {
                "category": "product_version",
                "name": "7.21.3",
                "product": {
                  "name": "Open Source Camunda 7.21.3",
                  "product_id": "T035710-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:camunda:camunda:7.21.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.20.7",
                "product": {
                  "name": "Open Source Camunda \u003c7.20.7",
                  "product_id": "T035711"
                }
              },
              {
                "category": "product_version",
                "name": "7.20.7",
                "product": {
                  "name": "Open Source Camunda 7.20.7",
                  "product_id": "T035711-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:camunda:camunda:7.20.7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.19.14",
                "product": {
                  "name": "Open Source Camunda \u003c7.19.14",
                  "product_id": "T035712"
                }
              },
              {
                "category": "product_version",
                "name": "7.19.14",
                "product": {
                  "name": "Open Source Camunda 7.19.14",
                  "product_id": "T035712-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:camunda:camunda:7.19.14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.22.0-alpha3",
                "product": {
                  "name": "Open Source Camunda \u003c7.22.0-alpha3",
                  "product_id": "T035713"
                }
              },
              {
                "category": "product_version",
                "name": "7.22.0-alpha3",
                "product": {
                  "name": "Open Source Camunda 7.22.0-alpha3",
                  "product_id": "T035713-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:camunda:camunda:7.22.0-alpha3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Camunda"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2024.2",
                "product": {
                  "name": "SolarWinds Security Event Manager \u003c2024.2",
                  "product_id": "T034244"
                }
              },
              {
                "category": "product_version",
                "name": "2024.2",
                "product": {
                  "name": "SolarWinds Security Event Manager 2024.2",
                  "product_id": "T034244-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:solarwinds:security_event_manager:2024.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Security Event Manager"
          }
        ],
        "category": "vendor",
        "name": "SolarWinds"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "product_status": {
        "known_affected": [
          "T035713",
          "T035712",
          "T035711",
          "T035710",
          "67646",
          "T004914",
          "T033332",
          "T034244",
          "T020642",
          "T021356",
          "T031092",
          "398363",
          "T025159",
          "T023373",
          "T033486",
          "T032255",
          "T033487",
          "74185",
          "T033484",
          "T033485",
          "T021621",
          "2951",
          "T002207",
          "T000126",
          "T038270"
        ]
      },
      "release_date": "2024-03-13T23:00:00.000+00:00",
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "product_status": {
        "known_affected": [
          "T035713",
          "T035712",
          "T035711",
          "T035710",
          "67646",
          "T004914",
          "T033332",
          "T034244",
          "T020642",
          "T021356",
          "T031092",
          "398363",
          "T025159",
          "T023373",
          "T033486",
          "T032255",
          "T033487",
          "74185",
          "T033484",
          "T033485",
          "T021621",
          "2951",
          "T002207",
          "T000126",
          "T038270"
        ]
      },
      "release_date": "2024-03-13T23:00:00.000+00:00",
      "title": "CVE-2024-24549"
    }
  ]
}

wid-sec-w-2024-1210

Vulnerability from csaf_certbund

Published

2024-05-21 22:00

Modified

2024-06-03 22:00

Summary

Atlassian Confluence: Mehrere Schwachstellen

Notes

Produktbeschreibung

Confluence ist eine kommerzielle Wiki-Software.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um beliebigen Programmcode auszuführen, um vertrauliche Informationen offenzulegen und um einen Denial-of-Service-Zustand zu erzeugen.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Confluence ist eine kommerzielle Wiki-Software.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Atlassian Confluence ausnutzen, um beliebigen Programmcode auszuf\u00fchren, um vertrauliche Informationen offenzulegen und um einen Denial-of-Service-Zustand zu erzeugen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1210 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1210.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1210 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1210"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Bulletin May 2024 vom 2024-05-21",
        "url": "https://confluence.atlassian.com/security/security-bulletin-may-21-2024-1387867145.html"
      },
      {
        "category": "external",
        "summary": "Atlassian Vulnerability CONFSERVER-95839 vom 2024-05-21",
        "url": "https://jira.atlassian.com/browse/CONFSERVER-95839"
      },
      {
        "category": "external",
        "summary": "Atlassian Vulnerability CONFSERVER-95837 vom 2024-05-21",
        "url": "https://jira.atlassian.com/browse/CONFSERVER-95837"
      },
      {
        "category": "external",
        "summary": "Atlassian Vulnerability CONFSERVER-95832 vom 2024-05-21",
        "url": "https://jira.atlassian.com/browse/CONFSERVER-95832"
      },
      {
        "category": "external",
        "summary": "Atlassian Vulnerability CONFSERVER-95835 vom 2024-05-21",
        "url": "https://jira.atlassian.com/browse/CONFSERVER-95835"
      },
      {
        "category": "external",
        "summary": "Atlassian Vulnerability CONFSERVER-95834 vom 2024-05-21",
        "url": "https://jira.atlassian.com/browse/CONFSERVER-95834"
      },
      {
        "category": "external",
        "summary": "Poc auf GitHub vom 2024-06-03",
        "url": "https://github.com/W01fh4cker/CVE-2024-21683-RCE"
      }
    ],
    "source_lang": "en-US",
    "title": "Atlassian Confluence: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-06-03T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:09:26.261+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1210",
      "initial_release_date": "2024-05-21T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-06-03T22:00:00.000+00:00",
          "number": "2",
          "summary": "PoC aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c8.9.0",
                "product": {
                  "name": "Atlassian Confluence \u003c8.9.0",
                  "product_id": "T034974"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.5.9",
                "product": {
                  "name": "Atlassian Confluence \u003c8.5.9",
                  "product_id": "T034975"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c7.19.22",
                "product": {
                  "name": "Atlassian Confluence \u003c7.19.22",
                  "product_id": "T034976"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c8.9.1",
                "product": {
                  "name": "Atlassian Confluence \u003c8.9.1",
                  "product_id": "T034977"
                }
              }
            ],
            "category": "product_name",
            "name": "Confluence"
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-1597",
      "notes": [
        {
          "category": "description",
          "text": "In Atlassian Confluence existieren mehrere Schwachstellen. Einer dieser Fehler besteht im PostgreSQL JDBC-Treiber im Nicht-Standardmodus und erm\u00f6glicht eine SQL-Injection. Zurzeit gibt es keine weiteren Informationen \u00fcber die andere Scwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2024-05-21T22:00:00.000+00:00",
      "title": "CVE-2024-1597"
    },
    {
      "cve": "CVE-2024-21683",
      "notes": [
        {
          "category": "description",
          "text": "In Atlassian Confluence existieren mehrere Schwachstellen. Einer dieser Fehler besteht im PostgreSQL JDBC-Treiber im Nicht-Standardmodus und erm\u00f6glicht eine SQL-Injection. Zurzeit gibt es keine weiteren Informationen \u00fcber die andere Scwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "release_date": "2024-05-21T22:00:00.000+00:00",
      "title": "CVE-2024-21683"
    },
    {
      "cve": "CVE-2024-23672",
      "notes": [
        {
          "category": "description",
          "text": "In Atlassian Confluence existieren mehrere Schwachstellen in der Apache Tomcat Komponente. Diese bestehen aufgrund unsachgem\u00e4\u00dfer Eingabevalidierung bzw. -bereinigung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "release_date": "2024-05-21T22:00:00.000+00:00",
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "notes": [
        {
          "category": "description",
          "text": "In Atlassian Confluence existieren mehrere Schwachstellen in der Apache Tomcat Komponente. Diese bestehen aufgrund unsachgem\u00e4\u00dfer Eingabevalidierung bzw. -bereinigung. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "release_date": "2024-05-21T22:00:00.000+00:00",
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2023-45859",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Atlassian Confluence. Diese Schwachstelle betrifft Hazelcast aufgrund einer unsachgem\u00e4\u00dfen Berechtigungspr\u00fcfung. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um im Cluster gespeicherte Daten offenzulegen."
        }
      ],
      "release_date": "2024-05-21T22:00:00.000+00:00",
      "title": "CVE-2023-45859"
    }
  ]
}

wid-sec-w-2024-3195

Vulnerability from csaf_certbund

Published

2024-10-15 22:00

Modified

2024-10-15 22:00

Summary

Oracle Communications: Mehrere Schwachstellen

Notes

Produktbeschreibung

Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.

Angriff

Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Communications umfasst branchenspezifische L\u00f6sungen f\u00fcr die Telekommunikationsbranche.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3195 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3195.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3195 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3195"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - October 2024 - Appendix Oracle Communications vom 2024-10-15",
        "url": "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixCGBU"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Communications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-10-15T22:00:00.000+00:00",
      "generator": {
        "date": "2024-10-16T10:12:35.400+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-3195",
      "initial_release_date": "2024-10-15T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-10-15T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "9.1.1.3.0",
                "product": {
                  "name": "Oracle Communications 9.1.1.3.0",
                  "product_id": "T027333",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.1.1.3.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.6.1.0.0",
                "product": {
                  "name": "Oracle Communications 12.6.1.0.0",
                  "product_id": "T027338",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:12.6.1.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5.1",
                "product": {
                  "name": "Oracle Communications 5.1",
                  "product_id": "T028684",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "15.0.0.0.0",
                "product": {
                  "name": "Oracle Communications 15.0.0.0.0",
                  "product_id": "T032090",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:15.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.0",
                "product": {
                  "name": "Oracle Communications 23.4.0",
                  "product_id": "T032091",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.2",
                "product": {
                  "name": "Oracle Communications 23.4.2",
                  "product_id": "T034144",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "24.1.0",
                "product": {
                  "name": "Oracle Communications 24.1.0",
                  "product_id": "T034145",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5.2",
                "product": {
                  "name": "Oracle Communications 5.2",
                  "product_id": "T034146",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "24.1.0.0.0",
                "product": {
                  "name": "Oracle Communications 24.1.0.0.0",
                  "product_id": "T034147",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.1.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.3",
                "product": {
                  "name": "Oracle Communications 23.4.3",
                  "product_id": "T036195",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.4",
                "product": {
                  "name": "Oracle Communications 23.4.4",
                  "product_id": "T036196",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=24.2.0",
                "product": {
                  "name": "Oracle Communications \u003c=24.2.0",
                  "product_id": "T036197"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=24.2.0",
                "product": {
                  "name": "Oracle Communications \u003c=24.2.0",
                  "product_id": "T036197-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "4.1.0",
                "product": {
                  "name": "Oracle Communications 4.1.0",
                  "product_id": "T036205",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:4.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "4.2.0",
                "product": {
                  "name": "Oracle Communications 4.2.0",
                  "product_id": "T036206",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:4.2.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.2.0",
                "product": {
                  "name": "Oracle Communications 9.2.0",
                  "product_id": "T036207",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.2.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.3.0",
                "product": {
                  "name": "Oracle Communications 9.3.0",
                  "product_id": "T036208",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.3.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.11.0",
                "product": {
                  "name": "Oracle Communications 12.11.0",
                  "product_id": "T036209",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:12.11.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.0.1.10.0",
                "product": {
                  "name": "Oracle Communications 9.0.1.10.0",
                  "product_id": "T038373",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.0.1.10.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.5",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.5",
                  "product_id": "T038375"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.5",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.5",
                  "product_id": "T038375-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "24.2.1",
                "product": {
                  "name": "Oracle Communications 24.2.1",
                  "product_id": "T038376",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.2.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.6",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.6",
                  "product_id": "T038377"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.6",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.6",
                  "product_id": "T038377-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "24.1.1",
                "product": {
                  "name": "Oracle Communications 24.1.1",
                  "product_id": "T038378",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.1.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "24.2.2",
                "product": {
                  "name": "Oracle Communications 24.2.2",
                  "product_id": "T038379",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.2.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.1.5",
                "product": {
                  "name": "Oracle Communications 9.1.5",
                  "product_id": "T038380",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.1.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.1.0",
                "product": {
                  "name": "Oracle Communications 9.1.0",
                  "product_id": "T038381",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14",
                "product": {
                  "name": "Oracle Communications 14.0",
                  "product_id": "T038382",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:14.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.1.1.9.0",
                "product": {
                  "name": "Oracle Communications 9.1.1.9.0",
                  "product_id": "T038383",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.1.1.9.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.0.0.1",
                "product": {
                  "name": "Oracle Communications 14.0.0.1",
                  "product_id": "T038384",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:14.0.0.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "17.0.1",
                "product": {
                  "name": "Oracle Communications 17.0.1",
                  "product_id": "T038385",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:17.0.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.4.0.4",
                "product": {
                  "name": "Oracle Communications \u003c10.4.0.4",
                  "product_id": "T038386"
                }
              },
              {
                "category": "product_version",
                "name": "10.4.0.4",
                "product": {
                  "name": "Oracle Communications 10.4.0.4",
                  "product_id": "T038386-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:10.4.0.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=9.1.1.8.0",
                "product": {
                  "name": "Oracle Communications \u003c=9.1.1.8.0",
                  "product_id": "T038426"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=9.1.1.8.0",
                "product": {
                  "name": "Oracle Communications \u003c=9.1.1.8.0",
                  "product_id": "T038426-fixed"
                }
              }
            ],
            "category": "product_name",
            "name": "Communications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-2068",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2022-2068"
    },
    {
      "cve": "CVE-2022-23437",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2022-23437"
    },
    {
      "cve": "CVE-2022-2601",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2022-2601"
    },
    {
      "cve": "CVE-2022-36760",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2022-36760"
    },
    {
      "cve": "CVE-2023-2953",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2023-2953"
    },
    {
      "cve": "CVE-2023-3635",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2023-3635"
    },
    {
      "cve": "CVE-2023-38408",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2023-38408"
    },
    {
      "cve": "CVE-2023-4043",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2023-4043"
    },
    {
      "cve": "CVE-2023-46136",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2023-46136"
    },
    {
      "cve": "CVE-2023-48795",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-51775",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2023-51775"
    },
    {
      "cve": "CVE-2023-5685",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2023-5685"
    },
    {
      "cve": "CVE-2023-6597",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2023-6597"
    },
    {
      "cve": "CVE-2023-6816",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2023-6816"
    },
    {
      "cve": "CVE-2024-0450",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-0450"
    },
    {
      "cve": "CVE-2024-22020",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-22020"
    },
    {
      "cve": "CVE-2024-22257",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-22257"
    },
    {
      "cve": "CVE-2024-22262",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23672",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-2398",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-2398"
    },
    {
      "cve": "CVE-2024-25062",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-25638",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-25638"
    },
    {
      "cve": "CVE-2024-26308",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-28182",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28849",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-29025",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-29736",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-29736"
    },
    {
      "cve": "CVE-2024-29857",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-29857"
    },
    {
      "cve": "CVE-2024-30251",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-30251"
    },
    {
      "cve": "CVE-2024-31080",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-31080"
    },
    {
      "cve": "CVE-2024-31744",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-31744"
    },
    {
      "cve": "CVE-2024-32760",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-32760"
    },
    {
      "cve": "CVE-2024-33602",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-33602"
    },
    {
      "cve": "CVE-2024-34750",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-34750"
    },
    {
      "cve": "CVE-2024-37371",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-37371"
    },
    {
      "cve": "CVE-2024-37891",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-37891"
    },
    {
      "cve": "CVE-2024-38816",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-38816"
    },
    {
      "cve": "CVE-2024-40898",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-40898"
    },
    {
      "cve": "CVE-2024-43044",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-43044"
    },
    {
      "cve": "CVE-2024-45492",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-45492"
    },
    {
      "cve": "CVE-2024-4577",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-4577"
    },
    {
      "cve": "CVE-2024-4603",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-4603"
    },
    {
      "cve": "CVE-2024-5971",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-5971"
    },
    {
      "cve": "CVE-2024-6162",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-6162"
    },
    {
      "cve": "CVE-2024-6387",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-6387"
    },
    {
      "cve": "CVE-2024-7254",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "T036206",
          "T036207",
          "T036208",
          "T034147",
          "T038386",
          "T034146",
          "T034145",
          "T034144",
          "T038382",
          "T038383",
          "T038384",
          "T038385",
          "T038380",
          "T038381",
          "T027338",
          "T027333",
          "T028684",
          "T038379",
          "T038376",
          "T038378",
          "T036195",
          "T038373",
          "T036196",
          "T032090",
          "T032091"
        ],
        "last_affected": [
          "T038426",
          "T036197",
          "T038375",
          "T038377"
        ]
      },
      "release_date": "2024-10-15T22:00:00.000+00:00",
      "title": "CVE-2024-7254"
    }
  ]
}

wid-sec-w-2024-1214

Vulnerability from csaf_certbund

Published

2024-05-21 22:00

Modified

2024-05-21 22:00

Summary

Atlassian Jira Software (Data Center und Server): Mehrere Schwachstellen

Notes

Produktbeschreibung

Jira ist eine Webanwendung zur Softwareentwicklung.

Angriff

Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Atlassian Jira Software Data Center und Server ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, beliebigen Code auszuführen oder Daten zu manipulieren.

Betroffene Betriebssysteme

- Linux - MacOS X - Sonstiges - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Jira ist eine Webanwendung zur Softwareentwicklung.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Atlassian Jira Software Data Center und Server ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, beliebigen Code auszuf\u00fchren oder Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux\n- MacOS X\n- Sonstiges\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1214 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1214.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1214 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1214"
      },
      {
        "category": "external",
        "summary": "Atlassian Security Bulletin May 2024 vom 2024-05-21",
        "url": "https://confluence.atlassian.com/security/security-bulletin-may-21-2024-1387867145.html"
      },
      {
        "category": "external",
        "summary": "Atlassian Vulnerability JSWSERVER-25950 vom 2024-05-21",
        "url": "https://jira.atlassian.com/browse/JSWSERVER-25950"
      },
      {
        "category": "external",
        "summary": "Atlassian Vulnerability JSWSERVER-25949 vom 2024-05-21",
        "url": "https://jira.atlassian.com/browse/JSWSERVER-25949"
      },
      {
        "category": "external",
        "summary": "Atlassian Vulnerability JSWSERVER-25896 vom 2024-05-21",
        "url": "https://jira.atlassian.com/browse/JSWSERVER-25896"
      },
      {
        "category": "external",
        "summary": "Atlassian Vulnerability JSWSERVER-25905 vom 2024-05-21",
        "url": "https://jira.atlassian.com/browse/JSWSERVER-25905"
      },
      {
        "category": "external",
        "summary": "Atlassian Vulnerability JSWSERVER-25948 vom 2024-05-21",
        "url": "https://jira.atlassian.com/browse/JSWSERVER-25948"
      }
    ],
    "source_lang": "en-US",
    "title": "Atlassian Jira Software (Data Center und Server): Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-05-21T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:09:27.260+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-1214",
      "initial_release_date": "2024-05-21T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.12.0",
                "product": {
                  "name": "Atlassian Jira Software Data Center and Server \u003c9.12.0",
                  "product_id": "T034987"
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.11.3",
                "product": {
                  "name": "Atlassian Jira Software Data Center and Server \u003c9.11.3",
                  "product_id": "T034988"
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.4.19",
                "product": {
                  "name": "Atlassian Jira Software Data Center and Server \u003c9.4.19",
                  "product_id": "T034989"
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.8.0",
                "product": {
                  "name": "Atlassian Jira Software Data Center and Server \u003c9.8.0",
                  "product_id": "T034990"
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.7.2",
                "product": {
                  "name": "Atlassian Jira Software Data Center and Server \u003c9.7.2",
                  "product_id": "T034991"
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.4.18",
                "product": {
                  "name": "Atlassian Jira Software Data Center and Server \u003c9.4.18",
                  "product_id": "T034992"
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.12.6",
                "product": {
                  "name": "Atlassian Jira Software Data Center and Server \u003c9.12.6",
                  "product_id": "T034993"
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.15.2",
                "product": {
                  "name": "Atlassian Jira Software Data Center and Server \u003c9.15.2",
                  "product_id": "T034995"
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.12.7",
                "product": {
                  "name": "Atlassian Jira Software Data Center and Server \u003c9.12.7",
                  "product_id": "T034996"
                }
              },
              {
                "category": "product_version_range",
                "name": "Data Center and Server \u003c9.4.20",
                "product": {
                  "name": "Atlassian Jira Software Data Center and Server \u003c9.4.20",
                  "product_id": "T034997"
                }
              }
            ],
            "category": "product_name",
            "name": "Jira Software"
          }
        ],
        "category": "vendor",
        "name": "Atlassian"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-25647",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Atlassian Jira Software. Dieser Fehler besteht in der Data Center- und Server-Komponente aufgrund einer Abh\u00e4ngigkeit zum com.google.code.gson:gson-Plugin. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034990",
          "T034992",
          "T034991"
        ]
      },
      "release_date": "2024-05-21T22:00:00.000+00:00",
      "title": "CVE-2022-25647"
    },
    {
      "cve": "CVE-2022-41966",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Atlassian Jira Software. Dieser Fehler besteht in der Komponente Data Center und Server aufgrund einer Abh\u00e4ngigkeit zum om.thoughtworks.xstream:xstream-Plugin. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "release_date": "2024-05-21T22:00:00.000+00:00",
      "title": "CVE-2022-41966"
    },
    {
      "cve": "CVE-2024-1597",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Atlassian Jira Software. Dieser Fehler besteht in den Komponenten Data Center und Server aufgrund einer Abh\u00e4ngigkeit zum org.postgresql:postgresql-Plugin, die zu einem SQL-Injection-Problem f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle zur Ausf\u00fchrung von beliebigem Code ausnutzen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034987",
          "T034988",
          "T034990",
          "T034992",
          "T034991"
        ]
      },
      "release_date": "2024-05-21T22:00:00.000+00:00",
      "title": "CVE-2024-1597"
    },
    {
      "cve": "CVE-2024-22257",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Atlassian Jira Software. Dieser Fehler besteht in den Komponenten Data Center und Server aufgrund einer Abh\u00e4ngigkeit zum org.springframework.security:spring-security-core-Plugin, die zu einer unzul\u00e4ssigen Autorisierung f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Daten zu manipulieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034987",
          "T034989",
          "T034988",
          "T034990",
          "T034993",
          "T034992",
          "T034991"
        ]
      },
      "release_date": "2024-05-21T22:00:00.000+00:00",
      "title": "CVE-2024-22257"
    },
    {
      "cve": "CVE-2024-23672",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in der Atlassian Jira Software. Dieser Fehler besteht in den Komponenten Data Center und Server aufgrund einer Abh\u00e4ngigkeit zum org.apache.tomcat:tomcat-websocket-Plugin. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T034987",
          "T034988",
          "T034990",
          "T034992",
          "T034991"
        ]
      },
      "release_date": "2024-05-21T22:00:00.000+00:00",
      "title": "CVE-2024-23672"
    }
  ]
}

wid-sec-w-2024-1642

Vulnerability from csaf_certbund

Published

2024-07-16 22:00

Modified

2024-11-20 23:00

Summary

Oracle Communications: Mehrere Schwachstellen

Notes

Produktbeschreibung

Oracle Communications umfasst branchenspezifische Lösungen für die Telekommunikationsbranche.

Angriff

Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Oracle Communications umfasst branchenspezifische L\u00f6sungen f\u00fcr die Telekommunikationsbranche.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-1642 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1642.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-1642 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1642"
      },
      {
        "category": "external",
        "summary": "Oracle Critical Patch Update Advisory - July 2024 - Appendix Oracle Communications vom 2024-07-16",
        "url": "https://www.oracle.com/security-alerts/cpujul2024.html#AppendixCGBU"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:6016 vom 2024-09-05",
        "url": "https://access.redhat.com/errata/RHSA-2024:6016"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9975 vom 2024-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:9975"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:9976 vom 2024-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:9976"
      }
    ],
    "source_lang": "en-US",
    "title": "Oracle Communications: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-11-20T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-21T13:09:50.776+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-1642",
      "initial_release_date": "2024-07-16T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-07-16T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-09-05T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-11-20T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "23.1.0",
                "product": {
                  "name": "Oracle Communications 23.1.0",
                  "product_id": "T027326",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.6.1.0.0",
                "product": {
                  "name": "Oracle Communications 12.6.1.0.0",
                  "product_id": "T027338",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:12.6.1.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5.1",
                "product": {
                  "name": "Oracle Communications 5.1",
                  "product_id": "T028684",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "15.0.0.0.0",
                "product": {
                  "name": "Oracle Communications 15.0.0.0.0",
                  "product_id": "T032090",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:15.0.0.0.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.0",
                "product": {
                  "name": "Oracle Communications 23.4.0",
                  "product_id": "T032091",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.1",
                "product": {
                  "name": "Oracle Communications 23.4.1",
                  "product_id": "T034143",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "23.4.2",
                "product": {
                  "name": "Oracle Communications 23.4.2",
                  "product_id": "T034144",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:23.4.2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "24.1.0",
                "product": {
                  "name": "Oracle Communications 24.1.0",
                  "product_id": "T034145",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "5.2",
                "product": {
                  "name": "Oracle Communications 5.2",
                  "product_id": "T034146",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:5.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.3",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.3",
                  "product_id": "T036195"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.3",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.3",
                  "product_id": "T036195-fixed"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.4",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.4",
                  "product_id": "T036196"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=23.4.4",
                "product": {
                  "name": "Oracle Communications \u003c=23.4.4",
                  "product_id": "T036196-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "24.2.0",
                "product": {
                  "name": "Oracle Communications 24.2.0",
                  "product_id": "T036197",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:24.2.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=8.6.0.8",
                "product": {
                  "name": "Oracle Communications \u003c=8.6.0.8",
                  "product_id": "T036198"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=8.6.0.8",
                "product": {
                  "name": "Oracle Communications \u003c=8.6.0.8",
                  "product_id": "T036198-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "46.6.4",
                "product": {
                  "name": "Oracle Communications 46.6.4",
                  "product_id": "T036199",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:46.6.4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "46.6.5",
                "product": {
                  "name": "Oracle Communications 46.6.5",
                  "product_id": "T036200",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:46.6.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.11.3",
                "product": {
                  "name": "Oracle Communications 12.11.3",
                  "product_id": "T036201",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:12.11.3"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.11.4",
                "product": {
                  "name": "Oracle Communications 12.11.4",
                  "product_id": "T036202",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:12.11.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=8.6.0.6",
                "product": {
                  "name": "Oracle Communications \u003c=8.6.0.6",
                  "product_id": "T036203"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=8.6.0.6",
                "product": {
                  "name": "Oracle Communications \u003c=8.6.0.6",
                  "product_id": "T036203-fixed"
                }
              },
              {
                "category": "product_version",
                "name": "10.5",
                "product": {
                  "name": "Oracle Communications 10.5",
                  "product_id": "T036204",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:10.5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "4.1.0",
                "product": {
                  "name": "Oracle Communications 4.1.0",
                  "product_id": "T036205",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:4.1.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "4.2.0",
                "product": {
                  "name": "Oracle Communications 4.2.0",
                  "product_id": "T036206",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:4.2.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.2.0",
                "product": {
                  "name": "Oracle Communications 9.2.0",
                  "product_id": "T036207",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.2.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.3.0",
                "product": {
                  "name": "Oracle Communications 9.3.0",
                  "product_id": "T036208",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:9.3.0"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "12.11.0",
                "product": {
                  "name": "Oracle Communications 12.11.0",
                  "product_id": "T036209",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:oracle:communications:12.11.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=9.0.3",
                "product": {
                  "name": "Oracle Communications \u003c=9.0.3",
                  "product_id": "T036210"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c=9.0.3",
                "product": {
                  "name": "Oracle Communications \u003c=9.0.3",
                  "product_id": "T036210-fixed"
                }
              }
            ],
            "category": "product_name",
            "name": "Communications"
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-10086",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2019-10086"
    },
    {
      "cve": "CVE-2021-29425",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2021-29425"
    },
    {
      "cve": "CVE-2021-37533",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2021-37533"
    },
    {
      "cve": "CVE-2021-41184",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2021-41184"
    },
    {
      "cve": "CVE-2022-34169",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-34169"
    },
    {
      "cve": "CVE-2022-36033",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-36033"
    },
    {
      "cve": "CVE-2022-42890",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-42890"
    },
    {
      "cve": "CVE-2022-48174",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2022-48174"
    },
    {
      "cve": "CVE-2023-24998",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-24998"
    },
    {
      "cve": "CVE-2023-33201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-33201"
    },
    {
      "cve": "CVE-2023-37920",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-37920"
    },
    {
      "cve": "CVE-2023-44487",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-44487"
    },
    {
      "cve": "CVE-2023-46589",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-46589"
    },
    {
      "cve": "CVE-2023-48795",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-48795"
    },
    {
      "cve": "CVE-2023-51775",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-51775"
    },
    {
      "cve": "CVE-2023-52425",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-52425"
    },
    {
      "cve": "CVE-2023-5685",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2023-5685"
    },
    {
      "cve": "CVE-2024-0450",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-0450"
    },
    {
      "cve": "CVE-2024-22019",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22019"
    },
    {
      "cve": "CVE-2024-22201",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22201"
    },
    {
      "cve": "CVE-2024-22234",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22234"
    },
    {
      "cve": "CVE-2024-22257",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22257"
    },
    {
      "cve": "CVE-2024-22262",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-22262"
    },
    {
      "cve": "CVE-2024-23672",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-23807",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-23807"
    },
    {
      "cve": "CVE-2024-23897",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-23897"
    },
    {
      "cve": "CVE-2024-24549",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-24549"
    },
    {
      "cve": "CVE-2024-25062",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-25062"
    },
    {
      "cve": "CVE-2024-25710",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-25710"
    },
    {
      "cve": "CVE-2024-26130",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-26130"
    },
    {
      "cve": "CVE-2024-26308",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-26308"
    },
    {
      "cve": "CVE-2024-27316",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-27316"
    },
    {
      "cve": "CVE-2024-28182",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-28182"
    },
    {
      "cve": "CVE-2024-28752",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-28752"
    },
    {
      "cve": "CVE-2024-28849",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-28849"
    },
    {
      "cve": "CVE-2024-29025",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-29025"
    },
    {
      "cve": "CVE-2024-2961",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-2961"
    },
    {
      "cve": "CVE-2024-34064",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-34064"
    },
    {
      "cve": "CVE-2024-34069",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-34069"
    },
    {
      "cve": "CVE-2024-6162",
      "notes": [
        {
          "category": "description",
          "text": "In Oracle Communications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer oder authentisierter Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"HIGH\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" \u00fcber alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"HOCH\" f\u00fcr die Schadensh\u00f6he."
        }
      ],
      "product_status": {
        "known_affected": [
          "T036209",
          "T036205",
          "67646",
          "T036206",
          "T036207",
          "T036208",
          "T034143",
          "T036201",
          "T036202",
          "T036204",
          "T036197",
          "T034146",
          "T034145",
          "T036199",
          "T034144",
          "T036200",
          "T032090",
          "T032091",
          "T027326",
          "T027338",
          "T028684"
        ],
        "last_affected": [
          "T036195",
          "T036196",
          "T036203",
          "T036198",
          "T036210"
        ]
      },
      "release_date": "2024-07-16T22:00:00.000+00:00",
      "title": "CVE-2024-6162"
    }
  ]
}

ghsa-v682-8vv8-vpwr

Vulnerability from github

Published

2024-03-13 18:31

Modified

2025-08-08 18:33

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Summary

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat

Details

Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 11.0.0-M16"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-websocket"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0-M1"
            },
            {
              "fixed": "11.0.0-M17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 10.1.18"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-websocket"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.1.0-M1"
            },
            {
              "fixed": "10.1.19"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 9.0.85"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-websocket"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0-M1"
            },
            {
              "fixed": "9.0.86"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 8.5.98"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat-websocket"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.5.0"
            },
            {
              "fixed": "8.5.99"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 11.0.0-M16"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-websocket"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "11.0.0-M1"
            },
            {
              "fixed": "11.0.0-M17"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 10.1.18"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-websocket"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "10.1.0-M1"
            },
            {
              "fixed": "10.1.19"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 9.0.85"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-websocket"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0-M1"
            },
            {
              "fixed": "9.0.86"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 8.5.98"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat.embed:tomcat-embed-websocket"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.5.0"
            },
            {
              "fixed": "8.5.99"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-23672"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-459"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-03-14T14:04:03Z",
    "nvd_published_at": "2024-03-13T16:15:29Z",
    "severity": "MODERATE"
  },
  "details": "Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Older, EOL versions may also be affected.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.",
  "id": "GHSA-v682-8vv8-vpwr",
  "modified": "2025-08-08T18:33:22Z",
  "published": "2024-03-13T18:31:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/0052b374684b613b0c849899b325ebe334ac6501"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/3631adb1342d8bbd8598802a12b63ad02c37d591"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/52d6650e062d880704898d7d8c1b2b7a3efe8068"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/b0e3b1bd78de270d53e319d7cb79eb282aa53cb9"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/tomcat"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UWIS5MMGYDZBLJYT674ZI5AWFHDZ46B"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/736G4GPZWS2DSQO5WKXO3G6OMZKFEK55"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20240402-0002"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2024/03/13/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Denial of Service via incomplete cleanup vulnerability in Apache Tomcat"
}

suse-su-2024:1204-1

Vulnerability from csaf_suse

Published

2024-04-11 10:43

Modified

2024-04-11 10:43

Summary

Security update for tomcat10

Notes

Title of the patch

Security update for tomcat10

Description of the patch

This update for tomcat10 fixes the following issues: - CVE-2024-24549: Fixed denial of service during header validation for HTTP/2 stream (bsc#1221386) - CVE-2024-23672: Fixed denial of service due to malicious WebSocket client keeping connection open (bsc#1221385) Other fixes: - Update to Tomcat 10.1.20 * Catalina + Fix: Minor performance improvement for building filter chains. Based on ideas from #702 by Luke Miao. (remm) + Fix: Align error handling for Writer and OutputStream. Ensure use of either once the response has been recycled triggers a NullPointerException provided that discardFacades is configured with the default value of true. (markt) + Fix: 68692: The standard thread pool implementations that are configured using the Executor element now implement ExecutorService for better support NIO2. (remm) + Fix: 68495: When restoring a saved POST request after a successful FORM authentication, ensure that neither the URI, the query string nor the protocol are corrupted when restoring the request body. (markt) + Fix: After forwarding a request, attempt to unwrap the response in order to suspend it, instead of simply closing it if it was wrapped. Add a new suspendWrappedResponseAfterForward boolean attribute on Context to control the bahavior, defaulting to false. (remm) + Fix: 68721: Workaround a possible cause of duplicate class definitions when using ClassFileTransformers and the transformation of a class also triggers the loading of the same class. (markt) + Fix: The rewrite valve should not do a rewrite if the output is identical to the input. (remm) + Update: Add a new valveSkip (or VS) rule flag to the rewrite valve to allow skipping over the next valve in the Catalina pipeline. (remm) + Update: Add highConcurrencyStatus attribute to the SemaphoreValve to optionally allow the valve to return an error status code to the client when a permit cannot be acquired from the semaphore. (remm) + Add: Add checking of the 'age' of the running Tomcat instance since its build-date to the SecurityListener, and log a warning if the server is old. (schultz) + Fix: When using the AsyncContext, throw an IllegalStateException, rather than allowing an NullPointerException, if an attempt is made to use the AsyncContext after it has been recycled. (markt) + Fix: Correct JPMS and OSGi meta-data for tomcat-embed-core.jar by removing reference to org.apache.catalina.ssi package that is no longer included in the JAR. Based on pull request #684 by Jendrik Johannes. (markt) + Fix: Fix ServiceBindingPropertySource so that trailing \r\n sequences are correctly removed from files containing property values when configured to do so. Bug identified by Coverity Scan. (markt) + Add: Add improvements to the CSRF prevention filter including the ability to skip adding nonces for resource name and subtree URL patterns. (schultz) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) + Fix: 68089: Further improve the performance of request attribute access for ApplicationHttpRequest and ApplicationRequest. (markt) + Fix: 68559: Allow asynchronous error handling to write to the response after an error during asynchronous processing. (markt) * Coyote + Fix: Improve the HTTP/2 stream prioritisation process. If a stream uses all of the connection windows and still has content to write, it will now be added to the backlog immediately rather than waiting until the write attempt for the remaining content. (markt) + Fix: Add threadsMaxIdleTime attribute to the endpoint, to allow configuring the amount of time before an internal executor will scale back to the configured minSpareThreads size. (remm) + Fix: Correct a regression in the support for user provided SSLContext instances that broke the org.apache.catalina.security.TLSCertificateReloadListener. (markt) + Fix: Setting a null value for a cookie attribute should remove the attribute. (markt) + Fix: Make asynchronous error handling more robust. Ensure that once a connection is marked to be closed, further asynchronous processing cannot change that. (markt) + Fix: Make asynchronous error handling more robust. Ensure that once the call to AsyncListener.onError() has returned to the container, only container threads can access the AsyncContext. This protects against various race conditions that woudl otherwise occur if application threads continued to access the AsyncContext. + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. In particular, most of the HTTP/2 debug logging has been changed to trace level. (remm) + Fix: Add support for user provided SSLContext instances configured on SSLHostConfigCertificate instances. Based on pull request #673 provided by Hakan Altındağ. (markt) + Fix: Partial fix for 68558: Cache the result of converting to String for request URI, HTTP header names and the request Content-Type value to improve performance by reducing repeated byte[] to String conversions. (markt) + Fix: Improve error reporting to HTTP/2 clients for header processing errors by reporting problems at the end of the frame where the error was detected rather than at the end of the headers. (markt) + Fix: Remove the remaining reference to a stream once the stream has been recycled. This makes the stream eligible for garbage collection earlier and thereby improves scalability. (markt) * Jasper + Add: Add support for specifying Java 22 (with the value 22) as the compiler source and/or compiler target for JSP compilation. If used with an Eclipse JDT compiler version that does not support these values, a warning will be logged and the default will used. (markt) + Fix: Handle the case where the JSP engine forwards a request/response to a Servlet that uses an OutputStream rather than a Writer. This was triggering an IllegalStateException on code paths where there was a subsequent attempt to obtain a Writer. (markt) + Fix: Correctly handle the case where a tag library is packaged in a JAR file and the web application is deployed as a WAR file rather than an unpacked directory. (markt) + Fix: 68546: Generate optimal size and types for JSP imports maps, as suggested by John Engebretson. (remm) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) * Cluster + Fix: Avoid updating request count stats on async. (remm) * WebSocket + Fix: Correct a regression in the fix for 66508 that could cause an UpgradeProcessor leak in some circumstances. (markt) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) + Fix: Ensure that WebSocket connection closure completes if the connection is closed when the server side has used the proprietary suspend/resume feature to suspend the connection. (markt) * Web applications Add: Add support for responses in JSON format from the examples application RequestHeaderExample. (schultz) * Other + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt) + Fix: 57130: Allow digest.(sh|bat) to accept password from a file or stdin. (csutherl/schultz) + Update: Update Checkstyle to 10.14.1. (markt) + Fix: Correct the remaining OSGi contract references in the manifest files to refer to the Jakarta EE contract names rather than the Java EE contract names. Based on pull request #685 provided by Paul A. Nicolucci. (markt) + Update: Update Checkstyle to 10.13.0. (markt) + Update: Update JSign to 6.0. (markt) + Update: Update the packaged version of the Tomcat Migration Tool for Jakarta EE to 1.0.7. (markt) + Update: Update Tomcat Native to 2.0.7. (markt) + Update: Add strings for debug level messages. (remm) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt)

Patchnames

SUSE-2024-1204,SUSE-SLE-Module-Web-Scripting-15-SP5-2024-1204,openSUSE-SLE-15.5-2024-1204

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for tomcat10",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for tomcat10 fixes the following issues:\n\n- CVE-2024-24549: Fixed denial of service during header validation for HTTP/2 stream (bsc#1221386)\n- CVE-2024-23672: Fixed denial of service due to malicious WebSocket client keeping connection open (bsc#1221385)\n\nOther fixes:\n- Update to Tomcat 10.1.20\n  * Catalina\n    + Fix:  Minor performance improvement for building filter chains. \n      Based on ideas from #702 by Luke Miao. (remm)\n    + Fix:  Align error handling for Writer and OutputStream. Ensure \n      use of either once the response has been recycled triggers a \n      NullPointerException provided that discardFacades is configured with \n      the default value of true. (markt)\n    + Fix:  68692: The standard thread pool implementations that are \n      configured using the Executor element now implement ExecutorService \n      for better support NIO2. (remm)\n    + Fix:  68495: When restoring a saved POST request after a \n      successful FORM authentication, ensure that neither the URI, the \n      query string nor the protocol are corrupted when restoring the \n      request body. (markt)\n    + Fix:  After forwarding a request, attempt to unwrap the \n      response in order to suspend it, instead of simply closing it if it \n      was wrapped. Add a new suspendWrappedResponseAfterForward boolean \n      attribute on Context to control the bahavior, defaulting to false. \n      (remm)\n    + Fix:  68721: Workaround a possible cause of duplicate class \n      definitions when using ClassFileTransformers and the transformation \n      of a class also triggers the loading of the same class. (markt)\n    + Fix:  The rewrite valve should not do a rewrite if the output \n      is identical to the input. (remm)\n    + Update:  Add a new valveSkip (or VS) rule flag to the rewrite \n      valve to allow skipping over the next valve in the Catalina pipeline. \n      (remm)\n    + Update:  Add highConcurrencyStatus attribute to the \n      SemaphoreValve to optionally allow the valve to return an error \n      status code to the client when a permit cannot be acquired from the \n      semaphore. (remm)\n    + Add:  Add checking of the \u0027age\u0027 of the running Tomcat instance \n      since its build-date to the SecurityListener, and log a warning if \n      the server is old. (schultz)\n    + Fix:  When using the AsyncContext, throw an \n      IllegalStateException, rather than allowing an NullPointerException, \n      if an attempt is made to use the AsyncContext after it has been \n      recycled. (markt)\n    + Fix:  Correct JPMS and OSGi meta-data for tomcat-embed-core.jar \n      by removing reference to org.apache.catalina.ssi package that is no \n      longer included in the JAR. Based on pull request #684 by Jendrik \n      Johannes. (markt)\n    + Fix:  Fix ServiceBindingPropertySource so that trailing \\r\\n \n      sequences are correctly removed from files containing property values \n      when configured to do so. Bug identified by Coverity Scan. (markt)\n    + Add:  Add improvements to the CSRF prevention filter including \n      the ability to skip adding nonces for resource name and subtree URL \n      patterns. (schultz)\n    + Fix:  Review usage of debug logging and downgrade trace or data \n      dumping operations from debug level to trace. (remm)\n    + Fix:  68089: Further improve the performance of request \n      attribute access for ApplicationHttpRequest and ApplicationRequest. \n      (markt)\n    + Fix:  68559: Allow asynchronous error handling to write to the \n      response after an error during asynchronous processing. (markt)\n  * Coyote\n    + Fix:  Improve the HTTP/2 stream prioritisation process. If a \n      stream uses all of the connection windows and still has content to \n      write, it will now be added to the backlog immediately rather than \n      waiting until the write attempt for the remaining content. (markt)\n    + Fix:  Add threadsMaxIdleTime attribute to the endpoint, to \n      allow configuring the amount of time before an internal executor will \n      scale back to the configured minSpareThreads size. (remm)\n    + Fix:  Correct a regression in the support for user provided \n      SSLContext instances that broke the \n      org.apache.catalina.security.TLSCertificateReloadListener. (markt)\n    + Fix:  Setting a null value for a cookie attribute should remove \n      the attribute. (markt)\n    + Fix:  Make asynchronous error handling more robust. Ensure that \n      once a connection is marked to be closed, further asynchronous \n      processing cannot change that. (markt)\n    + Fix:  Make asynchronous error handling more robust. Ensure that \n      once the call to AsyncListener.onError() has returned to the \n      container, only container threads can access the AsyncContext. This \n      protects against various race conditions that woudl otherwise occur \n      if application threads continued to access the AsyncContext.\n    + Fix:  Review usage of debug logging and downgrade trace or data \n      dumping operations from debug level to trace. In particular, most of \n      the HTTP/2 debug logging has been changed to trace level. (remm)\n    + Fix:  Add support for user provided SSLContext instances \n      configured on SSLHostConfigCertificate instances. Based on pull \n      request #673 provided by Hakan Alt\u0131nda\u011f. (markt)\n    + Fix:  Partial fix for 68558: Cache the result of converting to \n      String for request URI, HTTP header names and the request \n      Content-Type value to improve performance by reducing repeated byte[] \n      to String conversions. (markt)\n    + Fix:  Improve error reporting to HTTP/2 clients for header \n      processing errors by reporting problems at the end of the frame where \n      the error was detected rather than at the end of the headers. (markt)\n    + Fix:  Remove the remaining reference to a stream once the \n      stream has been recycled. This makes the stream eligible for garbage \n      collection earlier and thereby improves scalability. (markt)\n  * Jasper\n    + Add:  Add support for specifying Java 22 (with the value 22) as \n      the compiler source and/or compiler target for JSP compilation. If \n      used with an Eclipse JDT compiler version that does not support these \n      values, a warning will be logged and the default will used. (markt)\n    + Fix:  Handle the case where the JSP engine forwards a \n      request/response to a Servlet that uses an OutputStream rather than a \n      Writer. This was triggering an IllegalStateException on code paths \n      where there was a subsequent attempt to obtain a Writer. (markt)\n    + Fix:  Correctly handle the case where a tag library is packaged \n      in a JAR file and the web application is deployed as a WAR file \n      rather than an unpacked directory. (markt)\n    + Fix:  68546: Generate optimal size and types for JSP imports \n      maps, as suggested by John Engebretson. (remm)\n    + Fix:  Review usage of debug logging and downgrade trace or data \n      dumping operations from debug level to trace. (remm)\n  *\tCluster\n    + Fix:  Avoid updating request count stats on async. (remm)\n  * WebSocket\n    + Fix:  Correct a regression in the fix for 66508 that could \n      cause an UpgradeProcessor leak in some circumstances. (markt)\n    + Fix:  Review usage of debug logging and downgrade trace or data \n      dumping operations from debug level to trace. (remm)\n    + Fix:  Ensure that WebSocket connection closure completes if the \n      connection is closed when the server side has used the proprietary \n      suspend/resume feature to suspend the connection. (markt)\n  * Web applications\n      Add:  Add support for responses in JSON format from the examples \n      application RequestHeaderExample. (schultz)\n  * Other\n    + Add:  Improvements to French translations. (remm)\n    + Add:  Improvements to Japanese translations by tak7iji. (markt)\n    + Fix:  57130: Allow digest.(sh|bat) to accept password from a \n      file or stdin. (csutherl/schultz)\n    + Update:  Update Checkstyle to 10.14.1. (markt)\n    + Fix:  Correct the remaining OSGi contract references in the \n      manifest files to refer to the Jakarta EE contract names rather than \n      the Java EE contract names. Based on pull request #685 provided by \n      Paul A. Nicolucci. (markt)\n    + Update:  Update Checkstyle to 10.13.0. (markt)\n    + Update:  Update JSign to 6.0. (markt)\n    + Update:  Update the packaged version of the Tomcat Migration \n      Tool for Jakarta EE to 1.0.7. (markt)\n    + Update:  Update Tomcat Native to 2.0.7. (markt)\n    + Update:  Add strings for debug level messages. (remm)\n    + Add:  Improvements to French translations. (remm)\n    + Add:  Improvements to Japanese translations by tak7iji. (markt)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-1204,SUSE-SLE-Module-Web-Scripting-15-SP5-2024-1204,openSUSE-SLE-15.5-2024-1204",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1204-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:1204-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241204-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:1204-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2024-April/034931.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221385",
        "url": "https://bugzilla.suse.com/1221385"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221386",
        "url": "https://bugzilla.suse.com/1221386"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-23672 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-23672/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24549 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24549/"
      }
    ],
    "title": "Security update for tomcat10",
    "tracking": {
      "current_release_date": "2024-04-11T10:43:42Z",
      "generator": {
        "date": "2024-04-11T10:43:42Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:1204-1",
      "initial_release_date": "2024-04-11T10:43:42Z",
      "revision_history": [
        {
          "date": "2024-04-11T10:43:42Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat10-10.1.20-150200.5.22.2.noarch",
                "product": {
                  "name": "tomcat10-10.1.20-150200.5.22.2.noarch",
                  "product_id": "tomcat10-10.1.20-150200.5.22.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
                "product": {
                  "name": "tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
                  "product_id": "tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-doc-10.1.20-150200.5.22.2.noarch",
                "product": {
                  "name": "tomcat10-doc-10.1.20-150200.5.22.2.noarch",
                  "product_id": "tomcat10-doc-10.1.20-150200.5.22.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch",
                "product": {
                  "name": "tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch",
                  "product_id": "tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
                "product": {
                  "name": "tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
                  "product_id": "tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-embed-10.1.20-150200.5.22.2.noarch",
                "product": {
                  "name": "tomcat10-embed-10.1.20-150200.5.22.2.noarch",
                  "product_id": "tomcat10-embed-10.1.20-150200.5.22.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
                "product": {
                  "name": "tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
                  "product_id": "tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-jsvc-10.1.20-150200.5.22.2.noarch",
                "product": {
                  "name": "tomcat10-jsvc-10.1.20-150200.5.22.2.noarch",
                  "product_id": "tomcat10-jsvc-10.1.20-150200.5.22.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-lib-10.1.20-150200.5.22.2.noarch",
                "product": {
                  "name": "tomcat10-lib-10.1.20-150200.5.22.2.noarch",
                  "product_id": "tomcat10-lib-10.1.20-150200.5.22.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
                "product": {
                  "name": "tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
                  "product_id": "tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat10-webapps-10.1.20-150200.5.22.2.noarch",
                "product": {
                  "name": "tomcat10-webapps-10.1.20-150200.5.22.2.noarch",
                  "product_id": "tomcat10-webapps-10.1.20-150200.5.22.2.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.5",
                "product": {
                  "name": "openSUSE Leap 15.5",
                  "product_id": "openSUSE Leap 15.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.20-150200.5.22.2.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.20-150200.5.22.2.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-lib-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-lib-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.20-150200.5.22.2.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-webapps-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-10.1.20-150200.5.22.2.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat10-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-embed-10.1.20-150200.5.22.2.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat10-embed-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-embed-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-jsvc-10.1.20-150200.5.22.2.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat10-jsvc-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-jsvc-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-lib-10.1.20-150200.5.22.2.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat10-lib-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-lib-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat10-webapps-10.1.20-150200.5.22.2.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch"
        },
        "product_reference": "tomcat10-webapps-10.1.20-150200.5.22.2.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-23672"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nOlder, EOL versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-embed-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-jsvc-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-23672",
          "url": "https://www.suse.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221385 for CVE-2024-23672",
          "url": "https://bugzilla.suse.com/1221385"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-embed-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-jsvc-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-embed-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-jsvc-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-04-11T10:43:42Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24549"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-embed-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-jsvc-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
          "openSUSE Leap 15.5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24549",
          "url": "https://www.suse.com/security/cve/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221386 for CVE-2024-24549",
          "url": "https://bugzilla.suse.com/1221386"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-embed-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-jsvc-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-admin-webapps-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-docs-webapp-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-el-5_0-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-embed-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-jsp-3_1-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-jsvc-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-lib-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-servlet-6_0-api-10.1.20-150200.5.22.2.noarch",
            "openSUSE Leap 15.5:tomcat10-webapps-10.1.20-150200.5.22.2.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-04-11T10:43:42Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24549"
    }
  ]
}

suse-su-2024:1345-1

Vulnerability from csaf_suse

Published

2024-04-18 17:15

Modified

2024-04-18 17:15

Summary

Security update for tomcat

Notes

Title of the patch

Security update for tomcat

Description of the patch

This update for tomcat fixes the following issues: - CVE-2024-24549: Fixed denial of service during header validation for HTTP/2 stream (bsc#1221386) - CVE-2024-23672: Fixed denial of service due to malicious WebSocket client keeping connection open (bsc#1221385) Other fixes: - Update to Tomcat 9.0.87 * Catalina + Fix: Minor performance improvement for building filter chains. Based on ideas from #702 by Luke Miao. (remm) + Fix: Align error handling for Writer and OutputStream. Ensure use of either once the response has been recycled triggers a NullPointerException provided that discardFacades is configured with the default value of true. (markt) + Fix: 68692: The standard thread pool implementations that are configured using the Executor element now implement ExecutorService for better support NIO2. (remm) + Fix: 68495: When restoring a saved POST request after a successful FORM authentication, ensure that neither the URI, the query string nor the protocol are corrupted when restoring the request body. (markt) + Fix: 68721: Workaround a possible cause of duplicate class definitions when using ClassFileTransformers and the transformation of a class also triggers the loading of the same class. (markt) + Fix: The rewrite valve should not do a rewrite if the output is identical to the input. (remm) + Update: Add a new valveSkip (or VS) rule flag to the rewrite valve to allow skipping over the next valve in the Catalina pipeline. (remm) + Fix: Correct JPMS and OSGi meta-data for tomcat-enbed-core.jar by removing reference to org.apache.catalina.ssi package that is no longer included in the JAR. Based on pull request #684 by Jendrik Johannes. (markt) + Fix: Fix ServiceBindingPropertySource so that trailing \r\n sequences are correctly removed from files containing property values when configured to do so. Bug identified by Coverity Scan. (markt) + Add: Add improvements to the CSRF prevention filter including the ability to skip adding nonces for resource name and subtree URL patterns. (schultz) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) + Fix: 68089: Further improve the performance of request attribute access for ApplicationHttpRequest and ApplicationRequest. (markt) + Fix: 68559: Allow asynchronous error handling to write to the response after an error during asynchronous processing. (markt) * Coyote + Fix: Improve the HTTP/2 stream prioritisation process. If a stream uses all of the connection windows and still has content to write, it will now be added to the backlog immediately rather than waiting until the write attempt for the remaining content. (markt) + Fix: Make asynchronous error handling more robust. Ensure that once a connection is marked to be closed, further asynchronous processing cannot change that. (markt) + Fix: Make asynchronous error handling more robust. Ensure that once the call to AsyncListener.onError() has returned to the container, only container threads can access the AsyncContext. This protects against various race conditions that woudl otherwise occur if application threads continued to access the AsyncContext. + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. In particular, most of the HTTP/2 debug logging has been changed to trace level. (remm) + Fix: Add support for user provided SSLContext instances configured on SSLHostConfigCertificate instances. Based on pull request #673 provided by Hakan Altındağ. (markt) + Fix: Improve the Tomcat Native shutdown process to reduce the likelihood of a JVM crash during Tomcat shutdown. (markt) + Fix: Partial fix for 68558: Cache the result of converting to String for request URI, HTTP header names and the request Content-Type value to improve performance by reducing repeated byte[] to String conversions. (markt) + Fix: Improve error reporting to HTTP/2 clients for header processing errors by reporting problems at the end of the frame where the error was detected rather than at the end of the headers. (markt) + Fix: Remove the remaining reference to a stream once the stream has been recycled. This makes the stream eligible for garbage collection earlier and thereby improves scalability. (markt) * Jasper + Add: Add support for specifying Java 22 (with the value 22) as the compiler source and/or compiler target for JSP compilation. If used with an Eclipse JDT compiler version that does not support these values, a warning will be logged and the default will used. (markt) + Fix: 68546: Generate optimal size and types for JSP imports maps, as suggested by John Engebretson. (remm) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) * Cluster + Fix: Avoid updating request count stats on async. (remm) * WebSocket + Fix: Correct a regression in the fix for 66508 that could cause an UpgradeProcessor leak in some circumstances. (markt) + Fix: Review usage of debug logging and downgrade trace or data dumping operations from debug level to trace. (remm) + Fix: Ensure that WebSocket connection closure completes if the connection is closed when the server side has used the proprietary suspend/resume feature to suspend the connection. (markt) * Web applications + Add: Add support for responses in JSON format from the examples application RequestHeaderExample. (schultz) * Other + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt) + Update: Update Checkstyle to 10.13.0. (markt) + Update: Update JSign to 6.0. (markt) + Update: Add strings for debug level messages. (remm) + Update: Update Tomcat Native to 1.3.0. (markt) + Add: Improvements to French translations. (remm) + Add: Improvements to Japanese translations by tak7iji. (markt)

Patchnames

SUSE-2024-1345,SUSE-SLE-Module-Development-Tools-15-SP5-2024-1345,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1345,SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-1345,SUSE-SLE-Module-Web-Scripting-15-SP5-2024-1345,SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1345,SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1345,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1345,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1345,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1345,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1345,SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1345,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1345,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1345,SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1345,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1345,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1345,SUSE-Storage-7.1-2024-1345,openSUSE-SLE-15.5-2024-1345

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for tomcat",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for tomcat fixes the following issues:\n\n- CVE-2024-24549: Fixed denial of service during header validation for HTTP/2 stream (bsc#1221386)\n- CVE-2024-23672: Fixed denial of service due to malicious WebSocket client keeping connection open (bsc#1221385)\n\nOther fixes:\n- Update to Tomcat 9.0.87    \n  * Catalina\n    + Fix:  Minor performance improvement for building filter chains. Based \n      on ideas from #702 by Luke Miao. (remm)\n    + Fix:  Align error handling for Writer and OutputStream. Ensure use of \n      either once the response has been recycled triggers a \n      NullPointerException provided that discardFacades is configured with \n      the default value of true. (markt)\n    + Fix:  68692: The standard thread pool implementations that are configured\n      using the Executor element now implement ExecutorService for better \n      support NIO2. (remm)\n    + Fix:  68495: When restoring a saved POST request after a successful FORM \n      authentication, ensure that neither the URI, the query string nor the \n      protocol are corrupted when restoring the request body. (markt)\n    + Fix:  68721: Workaround a possible cause of duplicate class definitions \n      when using ClassFileTransformers and the transformation of a class also\n      triggers the loading of the same class. (markt)\n    + Fix:  The rewrite valve should not do a rewrite if the output is \n      identical to the input. (remm)\n    + Update:  Add a new valveSkip (or VS) rule flag to the rewrite valve to \n      allow skipping over the next valve in the Catalina pipeline. (remm)\n    + Fix:  Correct JPMS and OSGi meta-data for tomcat-enbed-core.jar by \n      removing reference to org.apache.catalina.ssi package that is no longer \n      included in the JAR. Based on pull request #684 by Jendrik Johannes. \n      (markt)\n    + Fix:  Fix ServiceBindingPropertySource so that trailing \\r\\n sequences \n      are correctly removed from files containing property values when \n      configured to do so. Bug identified by Coverity Scan. (markt)\n    + Add:  Add improvements to the CSRF prevention filter including the \n      ability to skip adding nonces for resource name and subtree URL patterns.\n      (schultz)\n    + Fix:  Review usage of debug logging and downgrade trace or data dumping \n      operations from debug level to trace. (remm)\n    + Fix:  68089: Further improve the performance of request attribute \n      access for ApplicationHttpRequest and ApplicationRequest. (markt)\n    + Fix:  68559: Allow asynchronous error handling to write to the \n      response after an error during asynchronous processing. (markt)\n  * Coyote\n    + Fix:  Improve the HTTP/2 stream prioritisation process. If a stream \n      uses all of the connection windows and still has content to write, it \n      will now be added to the backlog immediately rather than waiting until \n      the write  attempt for the remaining content. (markt)\n    + Fix:  Make asynchronous error handling more robust. Ensure that once \n      a connection is marked to be closed, further asynchronous processing \n      cannot change that. (markt)\n    + Fix:  Make asynchronous error handling more robust. Ensure that once \n      the call to AsyncListener.onError() has returned to the container, only \n      container threads can access the AsyncContext. This protects against \n      various race conditions that woudl otherwise occur if application threads\n      continued to access the AsyncContext.\n    + Fix:  Review usage of debug logging and downgrade trace or data \n      dumping operations from debug level to trace. In particular, most of the \n      HTTP/2 debug logging has been changed to trace level. (remm)\n    + Fix:  Add support for user provided SSLContext instances configured \n      on SSLHostConfigCertificate instances. Based on pull request #673 \n      provided by Hakan Alt\u0131nda\u011f. (markt)\n    + Fix:  Improve the Tomcat Native shutdown process to reduce the likelihood\n      of a JVM crash during Tomcat shutdown. (markt)\n    + Fix:  Partial fix for 68558: Cache the result of converting to String \n      for request URI, HTTP header names and the request Content-Type value to \n      improve performance by reducing repeated byte[] to String conversions. \n      (markt)\n    + Fix:  Improve error reporting to HTTP/2 clients for header processing \n      errors by reporting problems at the end of the frame where the error was \n      detected rather than at the end of the headers. (markt)\n    + Fix:  Remove the remaining reference to a stream once the stream has \n      been recycled. This makes the stream eligible for garbage collection \n      earlier and thereby improves scalability. (markt)\n  * Jasper\n    + Add:  Add support for specifying Java 22 (with the value 22) as the \n      compiler source and/or compiler target for JSP compilation. If used with \n      an  Eclipse JDT compiler version that does not support these values, a \n      warning will be logged and the default will used. (markt)\n    + Fix:  68546: Generate optimal size and types for JSP imports maps, as \n      suggested by John Engebretson. (remm)\n    + Fix:  Review usage of debug logging and downgrade trace or data \n      dumping operations from debug level to trace. (remm)\n  * Cluster\n    + Fix:  Avoid updating request count stats on async. (remm)\n  * WebSocket\n    + Fix:  Correct a regression in the fix for 66508 that could cause an \n      UpgradeProcessor leak in some circumstances. (markt)\n    + Fix:  Review usage of debug logging and downgrade trace or data dumping\n      operations from debug level to trace. (remm)\n    + Fix:  Ensure that WebSocket connection closure completes if the \n      connection is closed when the server side has used the proprietary \n      suspend/resume feature to suspend the connection. (markt)\n  * Web applications\n    + Add:  Add support for responses in JSON format from the examples \n      application RequestHeaderExample. (schultz)\n  * Other\n    + Add:  Improvements to French translations. (remm)\n    + Add:  Improvements to Japanese translations by tak7iji. (markt)\n    + Update:  Update Checkstyle to 10.13.0. (markt)\n    + Update:  Update JSign to 6.0. (markt)\n    + Update:  Add strings for debug level messages. (remm)\n    + Update:  Update Tomcat Native to 1.3.0. (markt)\n    + Add:  Improvements to French translations. (remm)\n    + Add:  Improvements to Japanese translations by tak7iji. (markt)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-1345,SUSE-SLE-Module-Development-Tools-15-SP5-2024-1345,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1345,SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-1345,SUSE-SLE-Module-Web-Scripting-15-SP5-2024-1345,SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1345,SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1345,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1345,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1345,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1345,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1345,SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1345,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1345,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1345,SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1345,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1345,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1345,SUSE-Storage-7.1-2024-1345,openSUSE-SLE-15.5-2024-1345",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1345-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:1345-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241345-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:1345-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018380.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221385",
        "url": "https://bugzilla.suse.com/1221385"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221386",
        "url": "https://bugzilla.suse.com/1221386"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-23672 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-23672/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24549 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24549/"
      }
    ],
    "title": "Security update for tomcat",
    "tracking": {
      "current_release_date": "2024-04-18T17:15:53Z",
      "generator": {
        "date": "2024-04-18T17:15:53Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:1345-1",
      "initial_release_date": "2024-04-18T17:15:53Z",
      "revision_history": [
        {
          "date": "2024-04-18T17:15:53Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
                "product": {
                  "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
                  "product_id": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64",
                "product": {
                  "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64",
                  "product_id": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "apache-commons-daemon-1.3.4-150200.11.14.1.i586",
                "product": {
                  "name": "apache-commons-daemon-1.3.4-150200.11.14.1.i586",
                  "product_id": "apache-commons-daemon-1.3.4-150200.11.14.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.i586",
                "product": {
                  "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.i586",
                  "product_id": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch",
                "product": {
                  "name": "apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch",
                  "product_id": "apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
                "product": {
                  "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
                  "product_id": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch",
                "product": {
                  "name": "apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch",
                  "product_id": "apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
                "product": {
                  "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
                  "product_id": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch",
                "product": {
                  "name": "apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch",
                  "product_id": "apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-el-1_0-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-el-1_0-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-el-1_0-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch",
                "product": {
                  "name": "geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch",
                  "product_id": "geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
                "product": {
                  "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
                  "product_id": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch",
                "product": {
                  "name": "jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch",
                  "product_id": "jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-9.0.87-150200.65.1.noarch",
                "product": {
                  "name": "tomcat-9.0.87-150200.65.1.noarch",
                  "product_id": "tomcat-9.0.87-150200.65.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
                "product": {
                  "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
                  "product_id": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-9.0.87-150200.65.1.noarch",
                "product": {
                  "name": "tomcat-docs-webapp-9.0.87-150200.65.1.noarch",
                  "product_id": "tomcat-docs-webapp-9.0.87-150200.65.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
                "product": {
                  "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
                  "product_id": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-embed-9.0.87-150200.65.1.noarch",
                "product": {
                  "name": "tomcat-embed-9.0.87-150200.65.1.noarch",
                  "product_id": "tomcat-embed-9.0.87-150200.65.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-javadoc-9.0.87-150200.65.1.noarch",
                "product": {
                  "name": "tomcat-javadoc-9.0.87-150200.65.1.noarch",
                  "product_id": "tomcat-javadoc-9.0.87-150200.65.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
                "product": {
                  "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
                  "product_id": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsvc-9.0.87-150200.65.1.noarch",
                "product": {
                  "name": "tomcat-jsvc-9.0.87-150200.65.1.noarch",
                  "product_id": "tomcat-jsvc-9.0.87-150200.65.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-9.0.87-150200.65.1.noarch",
                "product": {
                  "name": "tomcat-lib-9.0.87-150200.65.1.noarch",
                  "product_id": "tomcat-lib-9.0.87-150200.65.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
                "product": {
                  "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
                  "product_id": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-9.0.87-150200.65.1.noarch",
                "product": {
                  "name": "tomcat-webapps-9.0.87-150200.65.1.noarch",
                  "product_id": "tomcat-webapps-9.0.87-150200.65.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
                "product": {
                  "name": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
                  "product_id": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le",
                "product": {
                  "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le",
                  "product_id": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
                "product": {
                  "name": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
                  "product_id": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x",
                "product": {
                  "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x",
                  "product_id": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
                "product": {
                  "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
                  "product_id": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64",
                "product": {
                  "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64",
                  "product_id": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:packagehub:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Manager Server Module 4.3",
                "product": {
                  "name": "SUSE Manager Server Module 4.3",
                  "product_id": "SUSE Manager Server Module 4.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-suse-manager-server:4.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-web-scripting:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Manager Server 4.3",
                "product": {
                  "name": "SUSE Manager Server 4.3",
                  "product_id": "SUSE Manager Server 4.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-manager-server:4.3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 7.1",
                "product": {
                  "name": "SUSE Enterprise Storage 7.1",
                  "product_id": "SUSE Enterprise Storage 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:7.1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.5",
                "product": {
                  "name": "openSUSE Leap 15.5",
                  "product_id": "openSUSE Leap 15.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Manager Server Module 4.3",
          "product_id": "SUSE Manager Server Module 4.3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server Module 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Manager Server Module 4.3",
          "product_id": "SUSE Manager Server Module 4.3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server Module 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Module for Web and Scripting 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Web and Scripting 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.s390x"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Manager Server 4.3",
          "product_id": "SUSE Manager Server 4.3:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Manager Server 4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch"
        },
        "product_reference": "apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64"
        },
        "product_reference": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le"
        },
        "product_reference": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x"
        },
        "product_reference": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64"
        },
        "product_reference": "apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch"
        },
        "product_reference": "apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch"
        },
        "product_reference": "apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-el-1_0-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-el-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-el-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch"
        },
        "product_reference": "geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch"
        },
        "product_reference": "jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.87-150200.65.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-9.0.87-150200.65.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat-docs-webapp-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-docs-webapp-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-embed-9.0.87-150200.65.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat-embed-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-embed-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-9.0.87-150200.65.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat-javadoc-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-javadoc-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-9.0.87-150200.65.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat-jsvc-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-jsvc-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.87-150200.65.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat-lib-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.87-150200.65.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:tomcat-webapps-9.0.87-150200.65.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.87-150200.65.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-23672"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nOlder, EOL versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Enterprise Storage 7.1:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Enterprise Storage 7.1:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Enterprise Storage 7.1:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Enterprise Storage 7.1:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Enterprise Storage 7.1:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Enterprise Storage 7.1:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Enterprise Storage 7.1:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Manager Server 4.3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Manager Server 4.3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Manager Server 4.3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Manager Server 4.3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Manager Server 4.3:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server Module 4.3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Manager Server Module 4.3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "openSUSE Leap 15.5:apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch",
          "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64",
          "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le",
          "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x",
          "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64",
          "openSUSE Leap 15.5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "openSUSE Leap 15.5:apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch",
          "openSUSE Leap 15.5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "openSUSE Leap 15.5:apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-el-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "openSUSE Leap 15.5:jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch",
          "openSUSE Leap 15.5:tomcat-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-docs-webapp-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-embed-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-javadoc-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-jsvc-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-lib-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-webapps-9.0.87-150200.65.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-23672",
          "url": "https://www.suse.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221385 for CVE-2024-23672",
          "url": "https://bugzilla.suse.com/1221385"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Enterprise Storage 7.1:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Enterprise Storage 7.1:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Manager Server 4.3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Manager Server 4.3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Manager Server 4.3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Manager Server 4.3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Manager Server 4.3:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server Module 4.3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Manager Server Module 4.3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "openSUSE Leap 15.5:apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64",
            "openSUSE Leap 15.5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-el-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "openSUSE Leap 15.5:jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch",
            "openSUSE Leap 15.5:tomcat-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-docs-webapp-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-embed-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-javadoc-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-jsvc-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-lib-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-webapps-9.0.87-150200.65.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Enterprise Storage 7.1:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Enterprise Storage 7.1:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Manager Server 4.3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Manager Server 4.3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Manager Server 4.3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Manager Server 4.3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Manager Server 4.3:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server Module 4.3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Manager Server Module 4.3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "openSUSE Leap 15.5:apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64",
            "openSUSE Leap 15.5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-el-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "openSUSE Leap 15.5:jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch",
            "openSUSE Leap 15.5:tomcat-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-docs-webapp-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-embed-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-javadoc-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-jsvc-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-lib-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-webapps-9.0.87-150200.65.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-04-18T17:15:53Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24549"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Enterprise Storage 7.1:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Enterprise Storage 7.1:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Enterprise Storage 7.1:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Enterprise Storage 7.1:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Enterprise Storage 7.1:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Enterprise Storage 7.1:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Enterprise Storage 7.1:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "SUSE Manager Server 4.3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "SUSE Manager Server 4.3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "SUSE Manager Server 4.3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "SUSE Manager Server 4.3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "SUSE Manager Server 4.3:tomcat-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-lib-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server 4.3:tomcat-webapps-9.0.87-150200.65.1.noarch",
          "SUSE Manager Server Module 4.3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "SUSE Manager Server Module 4.3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
          "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
          "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
          "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
          "openSUSE Leap 15.5:apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch",
          "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64",
          "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le",
          "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x",
          "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64",
          "openSUSE Leap 15.5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
          "openSUSE Leap 15.5:apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch",
          "openSUSE Leap 15.5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
          "openSUSE Leap 15.5:apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-el-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch",
          "openSUSE Leap 15.5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
          "openSUSE Leap 15.5:jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch",
          "openSUSE Leap 15.5:tomcat-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-docs-webapp-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-embed-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-javadoc-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-jsvc-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-lib-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
          "openSUSE Leap 15.5:tomcat-webapps-9.0.87-150200.65.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24549",
          "url": "https://www.suse.com/security/cve/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221386 for CVE-2024-24549",
          "url": "https://bugzilla.suse.com/1221386"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Enterprise Storage 7.1:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Enterprise Storage 7.1:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Manager Server 4.3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Manager Server 4.3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Manager Server 4.3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Manager Server 4.3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Manager Server 4.3:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server Module 4.3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Manager Server Module 4.3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "openSUSE Leap 15.5:apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64",
            "openSUSE Leap 15.5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-el-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "openSUSE Leap 15.5:jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch",
            "openSUSE Leap 15.5:tomcat-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-docs-webapp-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-embed-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-javadoc-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-jsvc-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-lib-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-webapps-9.0.87-150200.65.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Enterprise Storage 7.1:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Enterprise Storage 7.1:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Enterprise Storage 7.1:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Enterprise Storage 7.1:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Enterprise Storage 7.1:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Package Hub 15 SP5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Module for Web and Scripting 15 SP5:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "SUSE Manager Server 4.3:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "SUSE Manager Server 4.3:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "SUSE Manager Server 4.3:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "SUSE Manager Server 4.3:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "SUSE Manager Server 4.3:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "SUSE Manager Server 4.3:tomcat-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-lib-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server 4.3:tomcat-webapps-9.0.87-150200.65.1.noarch",
            "SUSE Manager Server Module 4.3:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "SUSE Manager Server Module 4.3:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.aarch64",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.ppc64le",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.s390x",
            "openSUSE Leap 15.5:apache-commons-daemon-1.3.4-150200.11.14.1.x86_64",
            "openSUSE Leap 15.5:apache-commons-daemon-javadoc-1.3.4-150200.11.14.1.noarch",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.aarch64",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.ppc64le",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.s390x",
            "openSUSE Leap 15.5:apache-commons-daemon-jsvc-1.3.4-150200.11.14.1.x86_64",
            "openSUSE Leap 15.5:apache-commons-dbcp-2.1.1-150200.10.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-dbcp-javadoc-2.1.1-150200.10.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-pool2-2.4.2-150200.11.8.1.noarch",
            "openSUSE Leap 15.5:apache-commons-pool2-javadoc-2.4.2-150200.11.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-annotation-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-commonj-1_1-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-corba-1_0-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-corba-2_3-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ejb-2_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ejb-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-el-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-interceptor-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-1_4-apis-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-connector-1_5-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-management-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-j2ee-management-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jacc-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jacc-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaf-1_0_2-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaf-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javaee-deployment-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javamail-1_3_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-javamail-1_4-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaxr-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jaxrpc-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jms-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jpa-3_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jsp-2_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jsp-2_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jta-1_0_1B-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-jta-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-qname-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-saaj-1_1-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-servlet-2_4-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-servlet-2_5-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-stax-1_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:geronimo-ws-metadata-2_0-api-1.2-150200.15.8.1.noarch",
            "openSUSE Leap 15.5:jakarta-taglibs-standard-1.1.1-150000.4.10.1.noarch",
            "openSUSE Leap 15.5:jakarta-taglibs-standard-javadoc-1.1.1-150000.4.10.1.noarch",
            "openSUSE Leap 15.5:tomcat-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-admin-webapps-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-docs-webapp-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-el-3_0-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-embed-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-javadoc-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-jsp-2_3-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-jsvc-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-lib-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-servlet-4_0-api-9.0.87-150200.65.1.noarch",
            "openSUSE Leap 15.5:tomcat-webapps-9.0.87-150200.65.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-04-18T17:15:53Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24549"
    }
  ]
}

suse-su-2024:1205-1

Vulnerability from csaf_suse

Published

2024-04-11 10:44

Modified

2024-04-11 10:44

Summary

Security update for tomcat

Notes

Title of the patch

Security update for tomcat

Description of the patch

Patchnames

SUSE-2024-1205,SUSE-SLE-SERVER-12-SP5-2024-1205

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for tomcat",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for tomcat fixes the following issues:\n\n  - CVE-2024-24549: Fixed denial of service during header validation for HTTP/2 stream (bsc#1221386)\n  - CVE-2024-23672: Fixed denial of service due to malicious WebSocket client keeping connection open (bsc#1221385)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-1205,SUSE-SLE-SERVER-12-SP5-2024-1205",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1205-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:1205-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241205-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:1205-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2024-April/034930.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221385",
        "url": "https://bugzilla.suse.com/1221385"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221386",
        "url": "https://bugzilla.suse.com/1221386"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-23672 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-23672/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24549 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24549/"
      }
    ],
    "title": "Security update for tomcat",
    "tracking": {
      "current_release_date": "2024-04-11T10:44:02Z",
      "generator": {
        "date": "2024-04-11T10:44:02Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:1205-1",
      "initial_release_date": "2024-04-11T10:44:02Z",
      "revision_history": [
        {
          "date": "2024-04-11T10:44:02Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-9.0.36-3.124.1.noarch",
                "product": {
                  "name": "tomcat-9.0.36-3.124.1.noarch",
                  "product_id": "tomcat-9.0.36-3.124.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-9.0.36-3.124.1.noarch",
                "product": {
                  "name": "tomcat-admin-webapps-9.0.36-3.124.1.noarch",
                  "product_id": "tomcat-admin-webapps-9.0.36-3.124.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-9.0.36-3.124.1.noarch",
                "product": {
                  "name": "tomcat-docs-webapp-9.0.36-3.124.1.noarch",
                  "product_id": "tomcat-docs-webapp-9.0.36-3.124.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
                "product": {
                  "name": "tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
                  "product_id": "tomcat-el-3_0-api-9.0.36-3.124.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-embed-9.0.36-3.124.1.noarch",
                "product": {
                  "name": "tomcat-embed-9.0.36-3.124.1.noarch",
                  "product_id": "tomcat-embed-9.0.36-3.124.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-javadoc-9.0.36-3.124.1.noarch",
                "product": {
                  "name": "tomcat-javadoc-9.0.36-3.124.1.noarch",
                  "product_id": "tomcat-javadoc-9.0.36-3.124.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
                "product": {
                  "name": "tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
                  "product_id": "tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsvc-9.0.36-3.124.1.noarch",
                "product": {
                  "name": "tomcat-jsvc-9.0.36-3.124.1.noarch",
                  "product_id": "tomcat-jsvc-9.0.36-3.124.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-9.0.36-3.124.1.noarch",
                "product": {
                  "name": "tomcat-lib-9.0.36-3.124.1.noarch",
                  "product_id": "tomcat-lib-9.0.36-3.124.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
                "product": {
                  "name": "tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
                  "product_id": "tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-9.0.36-3.124.1.noarch",
                "product": {
                  "name": "tomcat-webapps-9.0.36-3.124.1.noarch",
                  "product_id": "tomcat-webapps-9.0.36-3.124.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:tomcat-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-docs-webapp-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-javadoc-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-docs-webapp-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3_0-api-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-javadoc-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-lib-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-9.0.36-3.124.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch"
        },
        "product_reference": "tomcat-webapps-9.0.36-3.124.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-23672"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nOlder, EOL versions may also be affected.\n\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:tomcat-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-23672",
          "url": "https://www.suse.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221385 for CVE-2024-23672",
          "url": "https://bugzilla.suse.com/1221385"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:tomcat-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:tomcat-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-04-11T10:44:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-23672"
    },
    {
      "cve": "CVE-2024-24549",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24549"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Denial of Service due to improper input validation vulnerability for HTTP/2 requests in Apache Tomcat. When processing an HTTP/2 request, if the request exceeded any of the configured limits for headers, the associated HTTP/2 stream was not reset until after all of the headers had been processed.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:tomcat-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24549",
          "url": "https://www.suse.com/security/cve/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221386 for CVE-2024-24549",
          "url": "https://bugzilla.suse.com/1221386"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:tomcat-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:tomcat-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-admin-webapps-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-docs-webapp-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-el-3_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-javadoc-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-jsp-2_3-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-lib-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-servlet-4_0-api-9.0.36-3.124.1.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:tomcat-webapps-9.0.36-3.124.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-04-11T10:44:02Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24549"
    }
  ]
}

rhsa-2024:3308

Vulnerability from csaf_redhat

Published

2024-05-23 06:18

Modified

2025-08-03 06:44

Summary

Red Hat Security Advisory: tomcat security and bug fix update

Notes

Topic

An update for tomcat is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for tomcat is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)\n\n* Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)\n\nBug Fix(es) and Enhancement(s):\n\n* Rebase tomcat to version 9.0.87 (JIRA:RHEL-34814)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:3308",
        "url": "https://access.redhat.com/errata/RHSA-2024:3308"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2269607",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269607"
      },
      {
        "category": "external",
        "summary": "2269608",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3308.json"
      }
    ],
    "title": "Red Hat Security Advisory: tomcat security and bug fix update",
    "tracking": {
      "current_release_date": "2025-08-03T06:44:28+00:00",
      "generator": {
        "date": "2025-08-03T06:44:28+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.6"
        }
      },
      "id": "RHSA-2024:3308",
      "initial_release_date": "2024-05-23T06:18:36+00:00",
      "revision_history": [
        {
          "date": "2024-05-23T06:18:36+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-05-23T06:18:37+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-08-03T06:44:28+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream EUS (v.9.2)",
                  "product_id": "AppStream-9.2.0.Z.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_eus:9.2::appstream"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-1:9.0.87-1.el9_2.1.src",
                "product": {
                  "name": "tomcat-1:9.0.87-1.el9_2.1.src",
                  "product_id": "tomcat-1:9.0.87-1.el9_2.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@9.0.87-1.el9_2.1?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-1:9.0.87-1.el9_2.1.noarch",
                "product": {
                  "name": "tomcat-1:9.0.87-1.el9_2.1.noarch",
                  "product_id": "tomcat-1:9.0.87-1.el9_2.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@9.0.87-1.el9_2.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
                "product": {
                  "name": "tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
                  "product_id": "tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-admin-webapps@9.0.87-1.el9_2.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
                "product": {
                  "name": "tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
                  "product_id": "tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-docs-webapp@9.0.87-1.el9_2.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
                "product": {
                  "name": "tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
                  "product_id": "tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-el-3.0-api@9.0.87-1.el9_2.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
                "product": {
                  "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
                  "product_id": "tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-jsp-2.3-api@9.0.87-1.el9_2.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
                "product": {
                  "name": "tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
                  "product_id": "tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-lib@9.0.87-1.el9_2.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
                "product": {
                  "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
                  "product_id": "tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-servlet-4.0-api@9.0.87-1.el9_2.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-1:9.0.87-1.el9_2.1.noarch",
                "product": {
                  "name": "tomcat-webapps-1:9.0.87-1.el9_2.1.noarch",
                  "product_id": "tomcat-webapps-1:9.0.87-1.el9_2.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-webapps@9.0.87-1.el9_2.1?arch=noarch\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-1:9.0.87-1.el9_2.1.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
          "product_id": "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.noarch"
        },
        "product_reference": "tomcat-1:9.0.87-1.el9_2.1.noarch",
        "relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-1:9.0.87-1.el9_2.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
          "product_id": "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.src"
        },
        "product_reference": "tomcat-1:9.0.87-1.el9_2.1.src",
        "relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
          "product_id": "AppStream-9.2.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
        "relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
          "product_id": "AppStream-9.2.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch"
        },
        "product_reference": "tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
        "relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
          "product_id": "AppStream-9.2.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch"
        },
        "product_reference": "tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
        "relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
          "product_id": "AppStream-9.2.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch"
        },
        "product_reference": "tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
        "relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-1:9.0.87-1.el9_2.1.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
          "product_id": "AppStream-9.2.0.Z.EUS:tomcat-lib-1:9.0.87-1.el9_2.1.noarch"
        },
        "product_reference": "tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
        "relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
          "product_id": "AppStream-9.2.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch"
        },
        "product_reference": "tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
        "relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-1:9.0.87-1.el9_2.1.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.9.2)",
          "product_id": "AppStream-9.2.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el9_2.1.noarch"
        },
        "product_reference": "tomcat-webapps-1:9.0.87-1.el9_2.1.noarch",
        "relates_to_product_reference": "AppStream-9.2.0.Z.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269608"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service (DoS) vulnerability present in the Apache Tomcat package arises from an incomplete cleanup process. Specifically, WebSocket clients can perpetuate WebSocket connections without proper termination, thereby causing a sustained drain on system resources. This vulnerability facilitates the exploitation of Apache Tomcat servers, leading to a scenario where excessive resource consumption occurs due to the prolonged existence of these open WebSocket connections. As a consequence, the server\u0027s performance may degrade significantly, resulting in potential service disruption or unresponsiveness.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: WebSocket DoS with incomplete closing handshake",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Denial of Service (DoS) vulnerability within the Apache Tomcat package represents an Important severity issue due to its potential to significantly impact system availability and performance. By allowing WebSocket clients to maintain open connections without proper cleanup, the vulnerability facilitates the sustained consumption of server resources. This exploitation results in increased CPU, memory, and network utilization, ultimately leading to server degradation or unresponsiveness. The inability to terminate these lingering connections efficiently exacerbates the severity of the issue, as it enables attackers to exploit limited resources over an extended period, amplifying the impact of the attack.\n\nRed Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat, bundled into the pki-servlet-engine component. However, there are no entry point for WebSockets, and thus it is not possible to trigger the flaw in a supported setup.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.src",
          "AppStream-9.2.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el9_2.1.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269608",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23672",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f",
          "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-23T06:18:36+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.src",
            "AppStream-9.2.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el9_2.1.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3308"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.src",
            "AppStream-9.2.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el9_2.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.src",
            "AppStream-9.2.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el9_2.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: WebSocket DoS with incomplete closing handshake"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269607"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Tomcat package due to its handling of HTTP/2 requests. Specifically, when an HTTP/2 request surpasses the predetermined limits for headers configured within the server, the associated HTTP/2 stream isn\u0027t reset immediately. Instead, the reset action occurs only after all the headers within the request have been processed. This lapse in resetting the stream exposes the system to potential risks, as it allows malicious actors to exploit the delay in stream reset to carry out various attacks, such as header manipulation or resource exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: HTTP/2 header handling DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability presents an Important severity issue due to its potential to facilitate various forms of attack, particularly in the context of HTTP/2 protocol. By delaying the reset of HTTP/2 streams until after processing all headers, malicious actors can exploit this window to execute header manipulation attacks, leading to potential data exfiltration, injection of malicious content, or server resource exhaustion. Furthermore, the delayed reset prolongs the exposure time of vulnerable systems, increasing the likelihood of successful exploitation.\n\nIn addition, Red Hat Certificate System 10.0 and Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat that is bundled into the pki-servlet-engine component. However, HTTP/2 is not enabled in such a configuration, and it is not possible to trigger the flaw in a supported setup. See https://access.redhat.com/security/cve/CVE-2020-13934  for context.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.src",
          "AppStream-9.2.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
          "AppStream-9.2.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el9_2.1.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269607",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269607"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24549",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg",
          "url": "https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-23T06:18:36+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.src",
            "AppStream-9.2.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el9_2.1.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3308"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.src",
            "AppStream-9.2.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el9_2.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-1:9.0.87-1.el9_2.1.src",
            "AppStream-9.2.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-lib-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_2.1.noarch",
            "AppStream-9.2.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el9_2.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: HTTP/2 header handling DoS"
    }
  ]
}

rhsa-2024:1914

Vulnerability from csaf_redhat

Published

2024-05-07 12:19

Modified

2025-08-03 06:43

Summary

Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.0 release and security update

Notes

Topic

Red Hat JBoss Web Server 5.8.0 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.8.0 serves as a replacement for Red Hat JBoss Web Server 5.7.8. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section. Security Fix(es): * tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat JBoss Web Server 5.8.0 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 5.8.0 serves as a replacement for Red Hat JBoss Web Server 5.7.8. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section.\n\nSecurity Fix(es):\n\n* tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:1914",
        "url": "https://access.redhat.com/errata/RHSA-2024:1914"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/5.8/html-single/red_hat_jboss_web_server_5.8_release_notes/index",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/5.8/html-single/red_hat_jboss_web_server_5.8_release_notes/index"
      },
      {
        "category": "external",
        "summary": "2269608",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1914.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.0 release and security update",
    "tracking": {
      "current_release_date": "2025-08-03T06:43:51+00:00",
      "generator": {
        "date": "2025-08-03T06:43:51+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.6"
        }
      },
      "id": "RHSA-2024:1914",
      "initial_release_date": "2024-05-07T12:19:31+00:00",
      "revision_history": [
        {
          "date": "2024-05-07T12:19:31+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-05-07T12:19:32+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-08-03T06:43:51+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 5",
                "product": {
                  "name": "Red Hat JBoss Web Server 5",
                  "product_id": "Red Hat JBoss Web Server 5",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:5.8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269608"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service (DoS) vulnerability present in the Apache Tomcat package arises from an incomplete cleanup process. Specifically, WebSocket clients can perpetuate WebSocket connections without proper termination, thereby causing a sustained drain on system resources. This vulnerability facilitates the exploitation of Apache Tomcat servers, leading to a scenario where excessive resource consumption occurs due to the prolonged existence of these open WebSocket connections. As a consequence, the server\u0027s performance may degrade significantly, resulting in potential service disruption or unresponsiveness.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: WebSocket DoS with incomplete closing handshake",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Denial of Service (DoS) vulnerability within the Apache Tomcat package represents an Important severity issue due to its potential to significantly impact system availability and performance. By allowing WebSocket clients to maintain open connections without proper cleanup, the vulnerability facilitates the sustained consumption of server resources. This exploitation results in increased CPU, memory, and network utilization, ultimately leading to server degradation or unresponsiveness. The inability to terminate these lingering connections efficiently exacerbates the severity of the issue, as it enables attackers to exploit limited resources over an extended period, amplifying the impact of the attack.\n\nRed Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat, bundled into the pki-servlet-engine component. However, there are no entry point for WebSockets, and thus it is not possible to trigger the flaw in a supported setup.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 5"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269608",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23672",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f",
          "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-07T12:19:31+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation, including all applications and configuration files.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Red Hat JBoss Web Server 5"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1914"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat JBoss Web Server 5"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss Web Server 5"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: WebSocket DoS with incomplete closing handshake"
    }
  ]
}

rhsa-2024:3307

Vulnerability from csaf_redhat

Published

2024-05-23 06:23

Modified

2025-08-03 06:44

Summary

Red Hat Security Advisory: tomcat security and bug fix update

Notes

Topic

An update for tomcat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) * Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug Fix(es) and Enhancement(s): * Rebase tomcat to version 9.0.87 (JIRA:RHEL-34815) * Amend tomcat's changelog so that fixed CVEs are mentioned explicitly (JIRA:RHEL-35328) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for tomcat is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)\n\n* Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)\n\nBug Fix(es) and Enhancement(s):\n\n* Rebase tomcat to version 9.0.87 (JIRA:RHEL-34815)\n\n* Amend tomcat\u0027s changelog so that fixed CVEs are mentioned explicitly (JIRA:RHEL-35328)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:3307",
        "url": "https://access.redhat.com/errata/RHSA-2024:3307"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2269607",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269607"
      },
      {
        "category": "external",
        "summary": "2269608",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3307.json"
      }
    ],
    "title": "Red Hat Security Advisory: tomcat security and bug fix update",
    "tracking": {
      "current_release_date": "2025-08-03T06:44:40+00:00",
      "generator": {
        "date": "2025-08-03T06:44:40+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.6"
        }
      },
      "id": "RHSA-2024:3307",
      "initial_release_date": "2024-05-23T06:23:23+00:00",
      "revision_history": [
        {
          "date": "2024-05-23T06:23:23+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-05-23T06:23:23+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-08-03T06:44:40+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                  "product_id": "AppStream-9.4.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-1:9.0.87-1.el9_4.1.src",
                "product": {
                  "name": "tomcat-1:9.0.87-1.el9_4.1.src",
                  "product_id": "tomcat-1:9.0.87-1.el9_4.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@9.0.87-1.el9_4.1?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-1:9.0.87-1.el9_4.1.noarch",
                "product": {
                  "name": "tomcat-1:9.0.87-1.el9_4.1.noarch",
                  "product_id": "tomcat-1:9.0.87-1.el9_4.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@9.0.87-1.el9_4.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
                "product": {
                  "name": "tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
                  "product_id": "tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-admin-webapps@9.0.87-1.el9_4.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
                "product": {
                  "name": "tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
                  "product_id": "tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-docs-webapp@9.0.87-1.el9_4.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
                "product": {
                  "name": "tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
                  "product_id": "tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-el-3.0-api@9.0.87-1.el9_4.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
                "product": {
                  "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
                  "product_id": "tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-jsp-2.3-api@9.0.87-1.el9_4.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
                "product": {
                  "name": "tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
                  "product_id": "tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-lib@9.0.87-1.el9_4.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
                "product": {
                  "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
                  "product_id": "tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-servlet-4.0-api@9.0.87-1.el9_4.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-1:9.0.87-1.el9_4.1.noarch",
                "product": {
                  "name": "tomcat-webapps-1:9.0.87-1.el9_4.1.noarch",
                  "product_id": "tomcat-webapps-1:9.0.87-1.el9_4.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-webapps@9.0.87-1.el9_4.1?arch=noarch\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-1:9.0.87-1.el9_4.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.noarch"
        },
        "product_reference": "tomcat-1:9.0.87-1.el9_4.1.noarch",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-1:9.0.87-1.el9_4.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.src"
        },
        "product_reference": "tomcat-1:9.0.87-1.el9_4.1.src",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch"
        },
        "product_reference": "tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch"
        },
        "product_reference": "tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch"
        },
        "product_reference": "tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-1:9.0.87-1.el9_4.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el9_4.1.noarch"
        },
        "product_reference": "tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch"
        },
        "product_reference": "tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-1:9.0.87-1.el9_4.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.4.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el9_4.1.noarch"
        },
        "product_reference": "tomcat-webapps-1:9.0.87-1.el9_4.1.noarch",
        "relates_to_product_reference": "AppStream-9.4.0.Z.MAIN.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269608"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service (DoS) vulnerability present in the Apache Tomcat package arises from an incomplete cleanup process. Specifically, WebSocket clients can perpetuate WebSocket connections without proper termination, thereby causing a sustained drain on system resources. This vulnerability facilitates the exploitation of Apache Tomcat servers, leading to a scenario where excessive resource consumption occurs due to the prolonged existence of these open WebSocket connections. As a consequence, the server\u0027s performance may degrade significantly, resulting in potential service disruption or unresponsiveness.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: WebSocket DoS with incomplete closing handshake",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Denial of Service (DoS) vulnerability within the Apache Tomcat package represents an Important severity issue due to its potential to significantly impact system availability and performance. By allowing WebSocket clients to maintain open connections without proper cleanup, the vulnerability facilitates the sustained consumption of server resources. This exploitation results in increased CPU, memory, and network utilization, ultimately leading to server degradation or unresponsiveness. The inability to terminate these lingering connections efficiently exacerbates the severity of the issue, as it enables attackers to exploit limited resources over an extended period, amplifying the impact of the attack.\n\nRed Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat, bundled into the pki-servlet-engine component. However, there are no entry point for WebSockets, and thus it is not possible to trigger the flaw in a supported setup.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.src",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el9_4.1.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269608",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23672",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f",
          "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-23T06:23:23+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el9_4.1.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3307"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el9_4.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el9_4.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: WebSocket DoS with incomplete closing handshake"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269607"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Tomcat package due to its handling of HTTP/2 requests. Specifically, when an HTTP/2 request surpasses the predetermined limits for headers configured within the server, the associated HTTP/2 stream isn\u0027t reset immediately. Instead, the reset action occurs only after all the headers within the request have been processed. This lapse in resetting the stream exposes the system to potential risks, as it allows malicious actors to exploit the delay in stream reset to carry out various attacks, such as header manipulation or resource exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: HTTP/2 header handling DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability presents an Important severity issue due to its potential to facilitate various forms of attack, particularly in the context of HTTP/2 protocol. By delaying the reset of HTTP/2 streams until after processing all headers, malicious actors can exploit this window to execute header manipulation attacks, leading to potential data exfiltration, injection of malicious content, or server resource exhaustion. Furthermore, the delayed reset prolongs the exposure time of vulnerable systems, increasing the likelihood of successful exploitation.\n\nIn addition, Red Hat Certificate System 10.0 and Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat that is bundled into the pki-servlet-engine component. However, HTTP/2 is not enabled in such a configuration, and it is not possible to trigger the flaw in a supported setup. See https://access.redhat.com/security/cve/CVE-2020-13934  for context.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.src",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
          "AppStream-9.4.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el9_4.1.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269607",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269607"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24549",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg",
          "url": "https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-23T06:23:23+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el9_4.1.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3307"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el9_4.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el9_4.1.src",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el9_4.1.noarch",
            "AppStream-9.4.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el9_4.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: HTTP/2 header handling DoS"
    }
  ]
}

rhsa-2024:3814

Vulnerability from csaf_redhat

Published

2024-06-11 17:34

Modified

2025-08-03 06:45

Summary

Red Hat Security Advisory: tomcat security and bug fix update

Notes

Topic

An update for tomcat is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for tomcat is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)\n\n* Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)\n\nBug Fix(es):\n\n* Rebase tomcat to version 9.0.87 (JIRA:RHEL-34811)\n\n* Amend tomcat package\u0027s changelog so that fixed CVEs are mentioned explicitly (JIRA:RHEL-37865)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:3814",
        "url": "https://access.redhat.com/errata/RHSA-2024:3814"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2269607",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269607"
      },
      {
        "category": "external",
        "summary": "2269608",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3814.json"
      }
    ],
    "title": "Red Hat Security Advisory: tomcat security and bug fix update",
    "tracking": {
      "current_release_date": "2025-08-03T06:45:56+00:00",
      "generator": {
        "date": "2025-08-03T06:45:56+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.6"
        }
      },
      "id": "RHSA-2024:3814",
      "initial_release_date": "2024-06-11T17:34:47+00:00",
      "revision_history": [
        {
          "date": "2024-06-11T17:34:47+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-06-11T17:34:47+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-08-03T06:45:56+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream EUS (v.8.8)",
                  "product_id": "AppStream-8.8.0.Z.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_eus:8.8::appstream"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-1:9.0.87-1.el8_8.2.src",
                "product": {
                  "name": "tomcat-1:9.0.87-1.el8_8.2.src",
                  "product_id": "tomcat-1:9.0.87-1.el8_8.2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@9.0.87-1.el8_8.2?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-1:9.0.87-1.el8_8.2.noarch",
                "product": {
                  "name": "tomcat-1:9.0.87-1.el8_8.2.noarch",
                  "product_id": "tomcat-1:9.0.87-1.el8_8.2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@9.0.87-1.el8_8.2?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
                "product": {
                  "name": "tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
                  "product_id": "tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-admin-webapps@9.0.87-1.el8_8.2?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
                "product": {
                  "name": "tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
                  "product_id": "tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-docs-webapp@9.0.87-1.el8_8.2?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
                "product": {
                  "name": "tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
                  "product_id": "tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-el-3.0-api@9.0.87-1.el8_8.2?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
                "product": {
                  "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
                  "product_id": "tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-jsp-2.3-api@9.0.87-1.el8_8.2?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
                "product": {
                  "name": "tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
                  "product_id": "tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-lib@9.0.87-1.el8_8.2?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
                "product": {
                  "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
                  "product_id": "tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-servlet-4.0-api@9.0.87-1.el8_8.2?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-1:9.0.87-1.el8_8.2.noarch",
                "product": {
                  "name": "tomcat-webapps-1:9.0.87-1.el8_8.2.noarch",
                  "product_id": "tomcat-webapps-1:9.0.87-1.el8_8.2.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-webapps@9.0.87-1.el8_8.2?arch=noarch\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-1:9.0.87-1.el8_8.2.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
          "product_id": "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.noarch"
        },
        "product_reference": "tomcat-1:9.0.87-1.el8_8.2.noarch",
        "relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-1:9.0.87-1.el8_8.2.src as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
          "product_id": "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.src"
        },
        "product_reference": "tomcat-1:9.0.87-1.el8_8.2.src",
        "relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
          "product_id": "AppStream-8.8.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch"
        },
        "product_reference": "tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
        "relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
          "product_id": "AppStream-8.8.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch"
        },
        "product_reference": "tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
        "relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
          "product_id": "AppStream-8.8.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch"
        },
        "product_reference": "tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
        "relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
          "product_id": "AppStream-8.8.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch"
        },
        "product_reference": "tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
        "relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-1:9.0.87-1.el8_8.2.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
          "product_id": "AppStream-8.8.0.Z.EUS:tomcat-lib-1:9.0.87-1.el8_8.2.noarch"
        },
        "product_reference": "tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
        "relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
          "product_id": "AppStream-8.8.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch"
        },
        "product_reference": "tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
        "relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-1:9.0.87-1.el8_8.2.noarch as a component of Red Hat Enterprise Linux AppStream EUS (v.8.8)",
          "product_id": "AppStream-8.8.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el8_8.2.noarch"
        },
        "product_reference": "tomcat-webapps-1:9.0.87-1.el8_8.2.noarch",
        "relates_to_product_reference": "AppStream-8.8.0.Z.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269608"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service (DoS) vulnerability present in the Apache Tomcat package arises from an incomplete cleanup process. Specifically, WebSocket clients can perpetuate WebSocket connections without proper termination, thereby causing a sustained drain on system resources. This vulnerability facilitates the exploitation of Apache Tomcat servers, leading to a scenario where excessive resource consumption occurs due to the prolonged existence of these open WebSocket connections. As a consequence, the server\u0027s performance may degrade significantly, resulting in potential service disruption or unresponsiveness.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: WebSocket DoS with incomplete closing handshake",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Denial of Service (DoS) vulnerability within the Apache Tomcat package represents an Important severity issue due to its potential to significantly impact system availability and performance. By allowing WebSocket clients to maintain open connections without proper cleanup, the vulnerability facilitates the sustained consumption of server resources. This exploitation results in increased CPU, memory, and network utilization, ultimately leading to server degradation or unresponsiveness. The inability to terminate these lingering connections efficiently exacerbates the severity of the issue, as it enables attackers to exploit limited resources over an extended period, amplifying the impact of the attack.\n\nRed Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat, bundled into the pki-servlet-engine component. However, there are no entry point for WebSockets, and thus it is not possible to trigger the flaw in a supported setup.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.src",
          "AppStream-8.8.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el8_8.2.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269608",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23672",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f",
          "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-11T17:34:47+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.src",
            "AppStream-8.8.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el8_8.2.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3814"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.src",
            "AppStream-8.8.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el8_8.2.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.src",
            "AppStream-8.8.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el8_8.2.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: WebSocket DoS with incomplete closing handshake"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269607"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Tomcat package due to its handling of HTTP/2 requests. Specifically, when an HTTP/2 request surpasses the predetermined limits for headers configured within the server, the associated HTTP/2 stream isn\u0027t reset immediately. Instead, the reset action occurs only after all the headers within the request have been processed. This lapse in resetting the stream exposes the system to potential risks, as it allows malicious actors to exploit the delay in stream reset to carry out various attacks, such as header manipulation or resource exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: HTTP/2 header handling DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability presents an Important severity issue due to its potential to facilitate various forms of attack, particularly in the context of HTTP/2 protocol. By delaying the reset of HTTP/2 streams until after processing all headers, malicious actors can exploit this window to execute header manipulation attacks, leading to potential data exfiltration, injection of malicious content, or server resource exhaustion. Furthermore, the delayed reset prolongs the exposure time of vulnerable systems, increasing the likelihood of successful exploitation.\n\nIn addition, Red Hat Certificate System 10.0 and Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat that is bundled into the pki-servlet-engine component. However, HTTP/2 is not enabled in such a configuration, and it is not possible to trigger the flaw in a supported setup. See https://access.redhat.com/security/cve/CVE-2020-13934  for context.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.src",
          "AppStream-8.8.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
          "AppStream-8.8.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el8_8.2.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269607",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269607"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24549",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg",
          "url": "https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-11T17:34:47+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.src",
            "AppStream-8.8.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el8_8.2.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3814"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.src",
            "AppStream-8.8.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el8_8.2.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-1:9.0.87-1.el8_8.2.src",
            "AppStream-8.8.0.Z.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-lib-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_8.2.noarch",
            "AppStream-8.8.0.Z.EUS:tomcat-webapps-1:9.0.87-1.el8_8.2.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: HTTP/2 header handling DoS"
    }
  ]
}

rhsa-2024:3666

Vulnerability from csaf_redhat

Published

2024-06-06 08:43

Modified

2025-08-03 06:45

Summary

Red Hat Security Advisory: tomcat security and bug fix update

Notes

Topic

An update for tomcat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549) * Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) Bug Fix(es): * Rebase tomcat to version 9.0.87 (JIRA:RHEL-35813) * Amend tomcat package's changelog so that fixed CVEs are mentioned explicitly (JIRA:RHEL-38548) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for tomcat is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* Apache Tomcat: HTTP/2 header handling DoS (CVE-2024-24549)\n\n* Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)\n\nBug Fix(es):\n\n* Rebase tomcat to version 9.0.87 (JIRA:RHEL-35813)\n\n* Amend tomcat package\u0027s changelog so that fixed CVEs are mentioned explicitly (JIRA:RHEL-38548)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:3666",
        "url": "https://access.redhat.com/errata/RHSA-2024:3666"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2269607",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269607"
      },
      {
        "category": "external",
        "summary": "2269608",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_3666.json"
      }
    ],
    "title": "Red Hat Security Advisory: tomcat security and bug fix update",
    "tracking": {
      "current_release_date": "2025-08-03T06:45:42+00:00",
      "generator": {
        "date": "2025-08-03T06:45:42+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.6"
        }
      },
      "id": "RHSA-2024:3666",
      "initial_release_date": "2024-06-06T08:43:10+00:00",
      "revision_history": [
        {
          "date": "2024-06-06T08:43:10+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-06-06T08:43:10+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-08-03T06:45:42+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 8)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 8)",
                  "product_id": "AppStream-8.10.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-1:9.0.87-1.el8_10.1.src",
                "product": {
                  "name": "tomcat-1:9.0.87-1.el8_10.1.src",
                  "product_id": "tomcat-1:9.0.87-1.el8_10.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@9.0.87-1.el8_10.1?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-1:9.0.87-1.el8_10.1.noarch",
                "product": {
                  "name": "tomcat-1:9.0.87-1.el8_10.1.noarch",
                  "product_id": "tomcat-1:9.0.87-1.el8_10.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@9.0.87-1.el8_10.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
                "product": {
                  "name": "tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
                  "product_id": "tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-admin-webapps@9.0.87-1.el8_10.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
                "product": {
                  "name": "tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
                  "product_id": "tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-docs-webapp@9.0.87-1.el8_10.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
                "product": {
                  "name": "tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
                  "product_id": "tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-el-3.0-api@9.0.87-1.el8_10.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
                "product": {
                  "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
                  "product_id": "tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-jsp-2.3-api@9.0.87-1.el8_10.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
                "product": {
                  "name": "tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
                  "product_id": "tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-lib@9.0.87-1.el8_10.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
                "product": {
                  "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
                  "product_id": "tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-servlet-4.0-api@9.0.87-1.el8_10.1?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-1:9.0.87-1.el8_10.1.noarch",
                "product": {
                  "name": "tomcat-webapps-1:9.0.87-1.el8_10.1.noarch",
                  "product_id": "tomcat-webapps-1:9.0.87-1.el8_10.1.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-webapps@9.0.87-1.el8_10.1?arch=noarch\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-1:9.0.87-1.el8_10.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
          "product_id": "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.noarch"
        },
        "product_reference": "tomcat-1:9.0.87-1.el8_10.1.noarch",
        "relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-1:9.0.87-1.el8_10.1.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
          "product_id": "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.src"
        },
        "product_reference": "tomcat-1:9.0.87-1.el8_10.1.src",
        "relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
          "product_id": "AppStream-8.10.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch"
        },
        "product_reference": "tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
        "relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
          "product_id": "AppStream-8.10.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch"
        },
        "product_reference": "tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
        "relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
          "product_id": "AppStream-8.10.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch"
        },
        "product_reference": "tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
        "relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
          "product_id": "AppStream-8.10.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch"
        },
        "product_reference": "tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
        "relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-1:9.0.87-1.el8_10.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
          "product_id": "AppStream-8.10.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el8_10.1.noarch"
        },
        "product_reference": "tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
        "relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
          "product_id": "AppStream-8.10.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch"
        },
        "product_reference": "tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
        "relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-1:9.0.87-1.el8_10.1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 8)",
          "product_id": "AppStream-8.10.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el8_10.1.noarch"
        },
        "product_reference": "tomcat-webapps-1:9.0.87-1.el8_10.1.noarch",
        "relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269608"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service (DoS) vulnerability present in the Apache Tomcat package arises from an incomplete cleanup process. Specifically, WebSocket clients can perpetuate WebSocket connections without proper termination, thereby causing a sustained drain on system resources. This vulnerability facilitates the exploitation of Apache Tomcat servers, leading to a scenario where excessive resource consumption occurs due to the prolonged existence of these open WebSocket connections. As a consequence, the server\u0027s performance may degrade significantly, resulting in potential service disruption or unresponsiveness.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: WebSocket DoS with incomplete closing handshake",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Denial of Service (DoS) vulnerability within the Apache Tomcat package represents an Important severity issue due to its potential to significantly impact system availability and performance. By allowing WebSocket clients to maintain open connections without proper cleanup, the vulnerability facilitates the sustained consumption of server resources. This exploitation results in increased CPU, memory, and network utilization, ultimately leading to server degradation or unresponsiveness. The inability to terminate these lingering connections efficiently exacerbates the severity of the issue, as it enables attackers to exploit limited resources over an extended period, amplifying the impact of the attack.\n\nRed Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat, bundled into the pki-servlet-engine component. However, there are no entry point for WebSockets, and thus it is not possible to trigger the flaw in a supported setup.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.src",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el8_10.1.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269608",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23672",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f",
          "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-06T08:43:10+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.src",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el8_10.1.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3666"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.src",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el8_10.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.src",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el8_10.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: WebSocket DoS with incomplete closing handshake"
    },
    {
      "cve": "CVE-2024-24549",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269607"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Tomcat package due to its handling of HTTP/2 requests. Specifically, when an HTTP/2 request surpasses the predetermined limits for headers configured within the server, the associated HTTP/2 stream isn\u0027t reset immediately. Instead, the reset action occurs only after all the headers within the request have been processed. This lapse in resetting the stream exposes the system to potential risks, as it allows malicious actors to exploit the delay in stream reset to carry out various attacks, such as header manipulation or resource exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: HTTP/2 header handling DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability presents an Important severity issue due to its potential to facilitate various forms of attack, particularly in the context of HTTP/2 protocol. By delaying the reset of HTTP/2 streams until after processing all headers, malicious actors can exploit this window to execute header manipulation attacks, leading to potential data exfiltration, injection of malicious content, or server resource exhaustion. Furthermore, the delayed reset prolongs the exposure time of vulnerable systems, increasing the likelihood of successful exploitation.\n\nIn addition, Red Hat Certificate System 10.0 and Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat that is bundled into the pki-servlet-engine component. However, HTTP/2 is not enabled in such a configuration, and it is not possible to trigger the flaw in a supported setup. See https://access.redhat.com/security/cve/CVE-2020-13934  for context.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.src",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
          "AppStream-8.10.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el8_10.1.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269607",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269607"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24549",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24549"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg",
          "url": "https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-06T08:43:10+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.src",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el8_10.1.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:3666"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.src",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el8_10.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-1:9.0.87-1.el8_10.1.src",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-admin-webapps-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-docs-webapp-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-el-3.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-jsp-2.3-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-lib-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-servlet-4.0-api-1:9.0.87-1.el8_10.1.noarch",
            "AppStream-8.10.0.Z.MAIN.EUS:tomcat-webapps-1:9.0.87-1.el8_10.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: HTTP/2 header handling DoS"
    }
  ]
}

rhsa-2024:1913

Vulnerability from csaf_redhat

Published

2024-05-07 12:22

Modified

2025-08-03 06:43

Summary

Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.0 release and security update

Notes

Topic

An update is now available for Red Hat JBoss Web Server 5.8 on Red Hat Enterprise Linux versions 7, 8, and 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Web Server 5.8 on Red Hat Enterprise Linux versions 7, 8, and 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 5.8.0 serves as a replacement for Red Hat JBoss Web Server 5.7.8. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section.\n\nSecurity Fix(es):\n\n* tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:1913",
        "url": "https://access.redhat.com/errata/RHSA-2024:1913"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/5.8/html-single/red_hat_jboss_web_server_5.8_release_notes/index",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/5.8/html-single/red_hat_jboss_web_server_5.8_release_notes/index"
      },
      {
        "category": "external",
        "summary": "2269608",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1913.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 5.8.0 release and security update",
    "tracking": {
      "current_release_date": "2025-08-03T06:43:25+00:00",
      "generator": {
        "date": "2025-08-03T06:43:25+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.6"
        }
      },
      "id": "RHSA-2024:1913",
      "initial_release_date": "2024-05-07T12:22:38+00:00",
      "revision_history": [
        {
          "date": "2024-05-07T12:22:38+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-05-07T12:22:38+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-08-03T06:43:25+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
                "product": {
                  "name": "Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
                  "product_id": "7Server-JWS-5.8",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:5.8::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 5.8 for RHEL 8",
                "product": {
                  "name": "Red Hat JBoss Web Server 5.8 for RHEL 8",
                  "product_id": "8Base-JWS-5.8",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:5.8::el8"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 5.8 for RHEL 9",
                "product": {
                  "name": "Red Hat JBoss Web Server 5.8 for RHEL 9",
                  "product_id": "9Base-JWS-5.8",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:5.8::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.src",
                "product": {
                  "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.src",
                  "product_id": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-mod_cluster@1.4.5-1.Final_redhat_00001.1.el7jws?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.src",
                "product": {
                  "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.src",
                  "product_id": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1.el7jws?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.src",
                "product": {
                  "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.src",
                  "product_id": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-mod_cluster@1.4.5-1.Final_redhat_00001.1.el8jws?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.src",
                "product": {
                  "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.src",
                  "product_id": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1.el8jws?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.src",
                "product": {
                  "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.src",
                  "product_id": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-mod_cluster@1.4.5-1.Final_redhat_00001.1.el9jws?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.src",
                "product": {
                  "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.src",
                  "product_id": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1.el9jws?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
                "product": {
                  "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
                  "product_id": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-mod_cluster@1.4.5-1.Final_redhat_00001.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
                "product": {
                  "name": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
                  "product_id": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-mod_cluster-tomcat@1.4.5-1.Final_redhat_00001.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-admin-webapps@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-docs-webapp@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-el-3.0-api@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-java-jdk11-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-java-jdk11-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-java-jdk11-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-java-jdk11@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-java-jdk8-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-java-jdk8-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-java-jdk8-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-java-jdk8@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-javadoc@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-jsp-2.3-api@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-lib@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-selinux@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-servlet-4.0-api@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                "product": {
                  "name": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_id": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-webapps@9.0.87-3.redhat_00003.1.el7jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
                "product": {
                  "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
                  "product_id": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-mod_cluster@1.4.5-1.Final_redhat_00001.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
                "product": {
                  "name": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
                  "product_id": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-mod_cluster-tomcat@1.4.5-1.Final_redhat_00001.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                "product": {
                  "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_id": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                "product": {
                  "name": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_id": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-admin-webapps@9.0.87-3.redhat_00003.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                "product": {
                  "name": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_id": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-docs-webapp@9.0.87-3.redhat_00003.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                "product": {
                  "name": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_id": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-el-3.0-api@9.0.87-3.redhat_00003.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                "product": {
                  "name": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_id": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-javadoc@9.0.87-3.redhat_00003.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                "product": {
                  "name": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_id": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-jsp-2.3-api@9.0.87-3.redhat_00003.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                "product": {
                  "name": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_id": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-lib@9.0.87-3.redhat_00003.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                "product": {
                  "name": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_id": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-selinux@9.0.87-3.redhat_00003.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                "product": {
                  "name": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_id": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-servlet-4.0-api@9.0.87-3.redhat_00003.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                "product": {
                  "name": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_id": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-webapps@9.0.87-3.redhat_00003.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
                "product": {
                  "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
                  "product_id": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-mod_cluster@1.4.5-1.Final_redhat_00001.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
                "product": {
                  "name": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
                  "product_id": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-mod_cluster-tomcat@1.4.5-1.Final_redhat_00001.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                "product": {
                  "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_id": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat@9.0.87-3.redhat_00003.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                "product": {
                  "name": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_id": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-admin-webapps@9.0.87-3.redhat_00003.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                "product": {
                  "name": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_id": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-docs-webapp@9.0.87-3.redhat_00003.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                "product": {
                  "name": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_id": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-el-3.0-api@9.0.87-3.redhat_00003.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                "product": {
                  "name": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_id": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-javadoc@9.0.87-3.redhat_00003.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                "product": {
                  "name": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_id": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-jsp-2.3-api@9.0.87-3.redhat_00003.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                "product": {
                  "name": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_id": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-lib@9.0.87-3.redhat_00003.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                "product": {
                  "name": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_id": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-selinux@9.0.87-3.redhat_00003.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                "product": {
                  "name": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_id": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-servlet-4.0-api@9.0.87-3.redhat_00003.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                "product": {
                  "name": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_id": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws5-tomcat-webapps@9.0.87-3.redhat_00003.1.el9jws?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch"
        },
        "product_reference": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.src as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.src"
        },
        "product_reference": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.src",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch"
        },
        "product_reference": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.src as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.src"
        },
        "product_reference": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.src",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-java-jdk11-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-java-jdk11-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-java-jdk11-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-java-jdk8-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-java-jdk8-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-java-jdk8-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 7 Server",
          "product_id": "7Server-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch"
        },
        "product_reference": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
        "relates_to_product_reference": "7Server-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch"
        },
        "product_reference": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.src as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.src"
        },
        "product_reference": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.src",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch"
        },
        "product_reference": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.noarch"
        },
        "product_reference": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.src as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.src"
        },
        "product_reference": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.src",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch"
        },
        "product_reference": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el8jws.noarch"
        },
        "product_reference": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch"
        },
        "product_reference": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el8jws.noarch"
        },
        "product_reference": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch"
        },
        "product_reference": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el8jws.noarch"
        },
        "product_reference": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el8jws.noarch"
        },
        "product_reference": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch"
        },
        "product_reference": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 8",
          "product_id": "8Base-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch"
        },
        "product_reference": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch"
        },
        "product_reference": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.src as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.src"
        },
        "product_reference": "jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.src",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch"
        },
        "product_reference": "jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
        },
        "product_reference": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.src as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.src"
        },
        "product_reference": "jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.src",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
        },
        "product_reference": "jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
        },
        "product_reference": "jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
        },
        "product_reference": "jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
        },
        "product_reference": "jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
        },
        "product_reference": "jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
        },
        "product_reference": "jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
        },
        "product_reference": "jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
        },
        "product_reference": "jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch as a component of Red Hat JBoss Web Server 5.8 for RHEL 9",
          "product_id": "9Base-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
        },
        "product_reference": "jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-5.8"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.src",
            "7Server-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
            "8Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.src",
            "8Base-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
            "9Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.src",
            "9Base-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269608"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service (DoS) vulnerability present in the Apache Tomcat package arises from an incomplete cleanup process. Specifically, WebSocket clients can perpetuate WebSocket connections without proper termination, thereby causing a sustained drain on system resources. This vulnerability facilitates the exploitation of Apache Tomcat servers, leading to a scenario where excessive resource consumption occurs due to the prolonged existence of these open WebSocket connections. As a consequence, the server\u0027s performance may degrade significantly, resulting in potential service disruption or unresponsiveness.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: WebSocket DoS with incomplete closing handshake",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Denial of Service (DoS) vulnerability within the Apache Tomcat package represents an Important severity issue due to its potential to significantly impact system availability and performance. By allowing WebSocket clients to maintain open connections without proper cleanup, the vulnerability facilitates the sustained consumption of server resources. This exploitation results in increased CPU, memory, and network utilization, ultimately leading to server degradation or unresponsiveness. The inability to terminate these lingering connections efficiently exacerbates the severity of the issue, as it enables attackers to exploit limited resources over an extended period, amplifying the impact of the attack.\n\nRed Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat, bundled into the pki-servlet-engine component. However, there are no entry point for WebSockets, and thus it is not possible to trigger the flaw in a supported setup.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.src",
          "7Server-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-tomcat-java-jdk11-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-tomcat-java-jdk8-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
          "8Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
          "8Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.src",
          "8Base-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
          "8Base-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
          "8Base-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
          "8Base-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
          "8Base-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
          "8Base-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
          "8Base-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
          "8Base-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
          "8Base-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
          "9Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
          "9Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.src",
          "9Base-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
          "9Base-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
          "9Base-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
          "9Base-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
          "9Base-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
          "9Base-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
          "9Base-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
          "9Base-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
          "9Base-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
        ],
        "known_not_affected": [
          "7Server-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
          "7Server-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.src",
          "7Server-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
          "8Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
          "8Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.src",
          "8Base-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
          "9Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
          "9Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.src",
          "9Base-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269608",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23672",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f",
          "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-07T12:22:38+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.src",
            "7Server-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-java-jdk11-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-java-jdk8-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.src",
            "8Base-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.src",
            "9Base-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1913"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "7Server-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.src",
            "7Server-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.src",
            "7Server-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-java-jdk11-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-java-jdk8-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "8Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.src",
            "8Base-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.src",
            "8Base-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "9Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.src",
            "9Base-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.src",
            "9Base-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el7jws.src",
            "7Server-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el7jws.src",
            "7Server-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-java-jdk11-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-java-jdk8-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "7Server-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el7jws.noarch",
            "8Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el8jws.src",
            "8Base-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el8jws.src",
            "8Base-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "8Base-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el8jws.noarch",
            "9Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-mod_cluster-0:1.4.5-1.Final_redhat_00001.1.el9jws.src",
            "9Base-JWS-5.8:jws5-mod_cluster-tomcat-0:1.4.5-1.Final_redhat_00001.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-0:9.0.87-3.redhat_00003.1.el9jws.src",
            "9Base-JWS-5.8:jws5-tomcat-admin-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-docs-webapp-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-el-3.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-javadoc-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-jsp-2.3-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-lib-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-selinux-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-servlet-4.0-api-0:9.0.87-3.redhat_00003.1.el9jws.noarch",
            "9Base-JWS-5.8:jws5-tomcat-webapps-0:9.0.87-3.redhat_00003.1.el9jws.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: WebSocket DoS with incomplete closing handshake"
    }
  ]
}

rhsa-2024:1916

Vulnerability from csaf_redhat

Published

2024-05-07 13:07

Modified

2025-08-03 06:43

Summary

Red Hat Security Advisory: Red Hat JBoss Web Server 6.0.2 release and security update

Notes

Topic

An update is now available for Red Hat JBoss Web Server 6.0.2 on Red Hat Enterprise Linux versions 8 and 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 6.0.2 serves as a replacement for Red Hat JBoss Web Server 6.0.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section. Security Fix(es): * tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Web Server 6.0.2 on Red Hat Enterprise Linux versions 8 and 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 6.0.2 serves as a replacement for Red Hat JBoss Web Server 6.0.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section.\n\nSecurity Fix(es):\n\n* tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:1916",
        "url": "https://access.redhat.com/errata/RHSA-2024:1916"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/6.0/html-single/red_hat_jboss_web_server_6.0_service_pack_2_release_notes/index",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/6.0/html-single/red_hat_jboss_web_server_6.0_service_pack_2_release_notes/index"
      },
      {
        "category": "external",
        "summary": "2269608",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1916.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 6.0.2 release and security update",
    "tracking": {
      "current_release_date": "2025-08-03T06:43:38+00:00",
      "generator": {
        "date": "2025-08-03T06:43:38+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.6"
        }
      },
      "id": "RHSA-2024:1916",
      "initial_release_date": "2024-05-07T13:07:55+00:00",
      "revision_history": [
        {
          "date": "2024-05-07T13:07:55+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-05-07T13:07:55+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-08-03T06:43:38+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 6.0 for RHEL 8",
                "product": {
                  "name": "Red Hat JBoss Web Server 6.0 for RHEL 8",
                  "product_id": "8Base-JWS-6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:6.0::el8"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 6.0 for RHEL 9",
                "product": {
                  "name": "Red Hat JBoss Web Server 6.0 for RHEL 9",
                  "product_id": "9Base-JWS-6.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:6.0::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.src",
                "product": {
                  "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.src",
                  "product_id": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-mod_cluster@2.0.4-1.Final_redhat_00001.1.el8jws?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.src",
                "product": {
                  "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.src",
                  "product_id": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat@10.1.8-7.redhat_00014.1.el8jws?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.src",
                "product": {
                  "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.src",
                  "product_id": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-mod_cluster@2.0.4-1.Final_redhat_00001.1.el9jws?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.src",
                "product": {
                  "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.src",
                  "product_id": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat@10.1.8-7.redhat_00014.1.el9jws?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
                "product": {
                  "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
                  "product_id": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-mod_cluster@2.0.4-1.Final_redhat_00001.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
                "product": {
                  "name": "jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
                  "product_id": "jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-mod_cluster-tomcat@2.0.4-1.Final_redhat_00001.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                "product": {
                  "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_id": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat@10.1.8-7.redhat_00014.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                "product": {
                  "name": "jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_id": "jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-admin-webapps@10.1.8-7.redhat_00014.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                "product": {
                  "name": "jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_id": "jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-docs-webapp@10.1.8-7.redhat_00014.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                "product": {
                  "name": "jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_id": "jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-el-5.0-api@10.1.8-7.redhat_00014.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                "product": {
                  "name": "jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_id": "jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-javadoc@10.1.8-7.redhat_00014.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                "product": {
                  "name": "jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_id": "jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-jsp-3.1-api@10.1.8-7.redhat_00014.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                "product": {
                  "name": "jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_id": "jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-lib@10.1.8-7.redhat_00014.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                "product": {
                  "name": "jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_id": "jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-selinux@10.1.8-7.redhat_00014.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                "product": {
                  "name": "jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_id": "jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-servlet-6.0-api@10.1.8-7.redhat_00014.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                "product": {
                  "name": "jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_id": "jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-webapps@10.1.8-7.redhat_00014.1.el8jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
                "product": {
                  "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
                  "product_id": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-mod_cluster@2.0.4-1.Final_redhat_00001.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
                "product": {
                  "name": "jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
                  "product_id": "jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-mod_cluster-tomcat@2.0.4-1.Final_redhat_00001.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                "product": {
                  "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_id": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat@10.1.8-7.redhat_00014.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                "product": {
                  "name": "jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_id": "jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-admin-webapps@10.1.8-7.redhat_00014.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                "product": {
                  "name": "jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_id": "jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-docs-webapp@10.1.8-7.redhat_00014.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                "product": {
                  "name": "jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_id": "jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-el-5.0-api@10.1.8-7.redhat_00014.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                "product": {
                  "name": "jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_id": "jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-javadoc@10.1.8-7.redhat_00014.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                "product": {
                  "name": "jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_id": "jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-jsp-3.1-api@10.1.8-7.redhat_00014.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                "product": {
                  "name": "jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_id": "jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-lib@10.1.8-7.redhat_00014.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                "product": {
                  "name": "jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_id": "jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-selinux@10.1.8-7.redhat_00014.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                "product": {
                  "name": "jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_id": "jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-servlet-6.0-api@10.1.8-7.redhat_00014.1.el9jws?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                "product": {
                  "name": "jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_id": "jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jws6-tomcat-webapps@10.1.8-7.redhat_00014.1.el9jws?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch"
        },
        "product_reference": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.src as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.src"
        },
        "product_reference": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.src",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch"
        },
        "product_reference": "jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.noarch"
        },
        "product_reference": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.src as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.src"
        },
        "product_reference": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.src",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch"
        },
        "product_reference": "jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el8jws.noarch"
        },
        "product_reference": "jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch"
        },
        "product_reference": "jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el8jws.noarch"
        },
        "product_reference": "jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch"
        },
        "product_reference": "jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el8jws.noarch"
        },
        "product_reference": "jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el8jws.noarch"
        },
        "product_reference": "jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch"
        },
        "product_reference": "jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 8",
          "product_id": "8Base-JWS-6.0:jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch"
        },
        "product_reference": "jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
        "relates_to_product_reference": "8Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch"
        },
        "product_reference": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.src as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.src"
        },
        "product_reference": "jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.src",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch"
        },
        "product_reference": "jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
        },
        "product_reference": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.src as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.src"
        },
        "product_reference": "jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.src",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
        },
        "product_reference": "jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
        },
        "product_reference": "jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
        },
        "product_reference": "jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
        },
        "product_reference": "jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
        },
        "product_reference": "jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
        },
        "product_reference": "jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
        },
        "product_reference": "jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
        },
        "product_reference": "jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch as a component of Red Hat JBoss Web Server 6.0 for RHEL 9",
          "product_id": "9Base-JWS-6.0:jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
        },
        "product_reference": "jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
        "relates_to_product_reference": "9Base-JWS-6.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.src",
            "8Base-JWS-6.0:jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
            "9Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.src",
            "9Base-JWS-6.0:jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269608"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service (DoS) vulnerability present in the Apache Tomcat package arises from an incomplete cleanup process. Specifically, WebSocket clients can perpetuate WebSocket connections without proper termination, thereby causing a sustained drain on system resources. This vulnerability facilitates the exploitation of Apache Tomcat servers, leading to a scenario where excessive resource consumption occurs due to the prolonged existence of these open WebSocket connections. As a consequence, the server\u0027s performance may degrade significantly, resulting in potential service disruption or unresponsiveness.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: WebSocket DoS with incomplete closing handshake",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Denial of Service (DoS) vulnerability within the Apache Tomcat package represents an Important severity issue due to its potential to significantly impact system availability and performance. By allowing WebSocket clients to maintain open connections without proper cleanup, the vulnerability facilitates the sustained consumption of server resources. This exploitation results in increased CPU, memory, and network utilization, ultimately leading to server degradation or unresponsiveness. The inability to terminate these lingering connections efficiently exacerbates the severity of the issue, as it enables attackers to exploit limited resources over an extended period, amplifying the impact of the attack.\n\nRed Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat, bundled into the pki-servlet-engine component. However, there are no entry point for WebSockets, and thus it is not possible to trigger the flaw in a supported setup.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
          "8Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.src",
          "8Base-JWS-6.0:jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
          "8Base-JWS-6.0:jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
          "8Base-JWS-6.0:jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
          "8Base-JWS-6.0:jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
          "8Base-JWS-6.0:jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
          "8Base-JWS-6.0:jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
          "8Base-JWS-6.0:jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
          "8Base-JWS-6.0:jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
          "8Base-JWS-6.0:jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
          "9Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
          "9Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.src",
          "9Base-JWS-6.0:jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
          "9Base-JWS-6.0:jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
          "9Base-JWS-6.0:jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
          "9Base-JWS-6.0:jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
          "9Base-JWS-6.0:jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
          "9Base-JWS-6.0:jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
          "9Base-JWS-6.0:jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
          "9Base-JWS-6.0:jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
          "9Base-JWS-6.0:jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
        ],
        "known_not_affected": [
          "8Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
          "8Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.src",
          "8Base-JWS-6.0:jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
          "9Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
          "9Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.src",
          "9Base-JWS-6.0:jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269608",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23672",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f",
          "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-07T13:07:55+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.src",
            "8Base-JWS-6.0:jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.src",
            "9Base-JWS-6.0:jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1916"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.src",
            "8Base-JWS-6.0:jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.src",
            "8Base-JWS-6.0:jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "9Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.src",
            "9Base-JWS-6.0:jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.src",
            "9Base-JWS-6.0:jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el8jws.src",
            "8Base-JWS-6.0:jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el8jws.src",
            "8Base-JWS-6.0:jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "8Base-JWS-6.0:jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el8jws.noarch",
            "9Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-mod_cluster-0:2.0.4-1.Final_redhat_00001.1.el9jws.src",
            "9Base-JWS-6.0:jws6-mod_cluster-tomcat-0:2.0.4-1.Final_redhat_00001.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-0:10.1.8-7.redhat_00014.1.el9jws.src",
            "9Base-JWS-6.0:jws6-tomcat-admin-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-docs-webapp-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-el-5.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-javadoc-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-jsp-3.1-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-lib-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-selinux-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-servlet-6.0-api-0:10.1.8-7.redhat_00014.1.el9jws.noarch",
            "9Base-JWS-6.0:jws6-tomcat-webapps-0:10.1.8-7.redhat_00014.1.el9jws.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: WebSocket DoS with incomplete closing handshake"
    }
  ]
}

rhsa-2024:1917

Vulnerability from csaf_redhat

Published

2024-05-07 13:07

Modified

2025-08-03 06:44

Summary

Red Hat Security Advisory: Red Hat JBoss Web Server 6.0.2 release and security update

Notes

Topic

Red Hat JBoss Web Server 6.0.2 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 6.0.2 serves as a replacement for Red Hat JBoss Web Server 6.0.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section. Security Fix(es): * tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat JBoss Web Server 6.0.2 zip release is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector (mod_cluster), the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 6.0.2 serves as a replacement for Red Hat JBoss Web Server 6.0.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes that are linked to in the References section.\n\nSecurity Fix(es):\n\n* tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake (CVE-2024-23672)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2024:1917",
        "url": "https://access.redhat.com/errata/RHSA-2024:1917"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/6.0/html-single/red_hat_jboss_web_server_6.0_service_pack_2_release_notes/index",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/6.0/html-single/red_hat_jboss_web_server_6.0_service_pack_2_release_notes/index"
      },
      {
        "category": "external",
        "summary": "2269608",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1917.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 6.0.2 release and security update",
    "tracking": {
      "current_release_date": "2025-08-03T06:44:03+00:00",
      "generator": {
        "date": "2025-08-03T06:44:03+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.6"
        }
      },
      "id": "RHSA-2024:1917",
      "initial_release_date": "2024-05-07T13:07:49+00:00",
      "revision_history": [
        {
          "date": "2024-05-07T13:07:49+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2024-05-07T13:07:49+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-08-03T06:44:03+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 6",
                "product": {
                  "name": "Red Hat JBoss Web Server 6",
                  "product_id": "Red Hat JBoss Web Server 6",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:6.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-23672",
      "cwe": {
        "id": "CWE-459",
        "name": "Incomplete Cleanup"
      },
      "discovery_date": "2024-03-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2269608"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service (DoS) vulnerability present in the Apache Tomcat package arises from an incomplete cleanup process. Specifically, WebSocket clients can perpetuate WebSocket connections without proper termination, thereby causing a sustained drain on system resources. This vulnerability facilitates the exploitation of Apache Tomcat servers, leading to a scenario where excessive resource consumption occurs due to the prolonged existence of these open WebSocket connections. As a consequence, the server\u0027s performance may degrade significantly, resulting in potential service disruption or unresponsiveness.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Tomcat: WebSocket DoS with incomplete closing handshake",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This Denial of Service (DoS) vulnerability within the Apache Tomcat package represents an Important severity issue due to its potential to significantly impact system availability and performance. By allowing WebSocket clients to maintain open connections without proper cleanup, the vulnerability facilitates the sustained consumption of server resources. This exploitation results in increased CPU, memory, and network utilization, ultimately leading to server degradation or unresponsiveness. The inability to terminate these lingering connections efficiently exacerbates the severity of the issue, as it enables attackers to exploit limited resources over an extended period, amplifying the impact of the attack.\n\nRed Hat Certificate System 10.0 as well as Red Hat Enterprise Linux 8\u0027s Identity Management, are using a vulnerable version of Tomcat, bundled into the pki-servlet-engine component. However, there are no entry point for WebSockets, and thus it is not possible to trigger the flaw in a supported setup.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 6"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "RHBZ#2269608",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269608"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-23672",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23672"
        },
        {
          "category": "external",
          "summary": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f",
          "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
        }
      ],
      "release_date": "2024-03-13T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-05-07T13:07:49+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation, including all applications and configuration files.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.",
          "product_ids": [
            "Red Hat JBoss Web Server 6"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2024:1917"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat JBoss Web Server 6"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss Web Server 6"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Tomcat: WebSocket DoS with incomplete closing handshake"
    }
  ]
}

gsd-2024-23672

Vulnerability from gsd

Modified

2024-01-20 06:02

Details

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98. Users are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.

Aliases

CVE-2024-23672

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-23672"
      ],
      "details": "Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.\n\n",
      "id": "GSD-2024-23672",
      "modified": "2024-01-20T06:02:17.590416Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "ID": "CVE-2024-23672",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Tomcat",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "11.0.0-M1",
                          "version_value": "11.0.0-M16"
                        },
                        {
                          "version_affected": "\u003c=",
                          "version_name": "10.1.0-M1",
                          "version_value": "10.1.18"
                        },
                        {
                          "version_affected": "\u003c=",
                          "version_name": "9.0.0-M1",
                          "version_value": "9.0.85"
                        },
                        {
                          "version_affected": "\u003c=",
                          "version_name": "8.5.0",
                          "version_value": "8.5.98"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.\n\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-459",
                "lang": "eng",
                "value": "CWE-459 Incomplete Cleanup"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f",
            "refsource": "MISC",
            "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20240402-0002/",
            "refsource": "MISC",
            "url": "https://security.netapp.com/advisory/ntap-20240402-0002/"
          },
          {
            "name": "https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html",
            "refsource": "MISC",
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html"
          }
        ]
      },
      "source": {
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from 9.0.0-M1 through 9.0.85, from 8.5.0 through 8.5.98.\n\nUsers are recommended to upgrade to version 11.0.0-M17, 10.1.19, 9.0.86 or 8.5.99 which fix the issue.\n\n"
          },
          {
            "lang": "es",
            "value": "Denegaci\u00f3n de servicio mediante vulnerabilidad de limpieza incompleta en Apache Tomcat. Los clientes de WebSocket pod\u00edan mantener abiertas las conexiones de WebSocket, lo que generaba un mayor consumo de recursos. Este problema afecta a Apache Tomcat: desde 11.0.0-M1 hasta 11.0.0-M16, desde 10.1.0-M1 hasta 10.1.18, desde 9.0. 0-M1 hasta 9.0.85, desde 8.5.0 hasta 8.5.98. Se recomienda a los usuarios actualizar a la versi\u00f3n 11.0.0-M17, 10.1.19, 9.0.86 u 8.5.99, que solucionan el problema."
          }
        ],
        "id": "CVE-2024-23672",
        "lastModified": "2024-04-06T06:15:07.717",
        "metrics": {},
        "published": "2024-03-13T16:15:29.287",
        "references": [
          {
            "source": "security@apache.org",
            "url": "https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f"
          },
          {
            "source": "security@apache.org",
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00001.html"
          },
          {
            "source": "security@apache.org",
            "url": "https://security.netapp.com/advisory/ntap-20240402-0002/"
          }
        ],
        "sourceIdentifier": "security@apache.org",
        "vulnStatus": "Awaiting Analysis",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-459"
              }
            ],
            "source": "security@apache.org",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-23672 (GCVE-0-2024-23672)

Vulnerability from cvelistv5

Vulnerability from fkie_nvd

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from csaf_opensuse

Vulnerability from csaf_opensuse

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from github

Vulnerability from csaf_suse

Vulnerability from csaf_suse

Vulnerability from csaf_suse

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from csaf_redhat

Vulnerability from gsd

Tags

Sightings

Nomenclature