{
    "document": {
        "category": "csaf_security_advisory",
        "csaf_version": "2.0",
        "distribution": {
            "tlp": {
                "label": "WHITE"
            }
        },
        "lang": "nl",
        "notes": [
            {
                "category": "legal_disclaimer",
                "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
            },
            {
                "category": "description",
                "text": "Er zijn kwetsbaarheden verholpen in Oracle Fusion Middleware.",
                "title": "Feiten"
            },
            {
                "category": "description",
                "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n* Denial-of-Service (DoS)\n* Toegang tot gevoelige gegevens\n* Toegang tot systeemgegevens\n* Manipulatie van gegevens\n* (Remote) code execution (Gebruikersrechten)",
                "title": "Interpretaties"
            },
            {
                "category": "description",
                "text": "Oracle heeft updates beschikbaar gesteld om de kwetsbaarheden te verhelpen. Zie de referenties voor meer informatie.",
                "title": "Oplossingen"
            },
            {
                "category": "general",
                "text": "medium",
                "title": "Kans"
            },
            {
                "category": "general",
                "text": "high",
                "title": "Schade"
            },
            {
                "category": "general",
                "text": "Heap-based Buffer Overflow",
                "title": "CWE-122"
            },
            {
                "category": "general",
                "text": "Improper Neutralization of Section Delimiters",
                "title": "CWE-145"
            },
            {
                "category": "general",
                "text": "Integer Overflow or Wraparound",
                "title": "CWE-190"
            },
            {
                "category": "general",
                "text": "Improper Input Validation",
                "title": "CWE-20"
            },
            {
                "category": "general",
                "text": "Exposure of Sensitive Information to an Unauthorized Actor",
                "title": "CWE-200"
            },
            {
                "category": "general",
                "text": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                "title": "CWE-22"
            },
            {
                "category": "general",
                "text": "Truncation of Security-relevant Information",
                "title": "CWE-222"
            },
            {
                "category": "general",
                "text": "Improper Access Control",
                "title": "CWE-284"
            },
            {
                "category": "general",
                "text": "Improper Check for Certificate Revocation",
                "title": "CWE-299"
            },
            {
                "category": "general",
                "text": "Missing Authentication for Critical Function",
                "title": "CWE-306"
            },
            {
                "category": "general",
                "text": "Use of Weak Hash",
                "title": "CWE-328"
            },
            {
                "category": "general",
                "text": "Insecure Temporary File",
                "title": "CWE-377"
            },
            {
                "category": "general",
                "text": "Uncontrolled Resource Consumption",
                "title": "CWE-400"
            },
            {
                "category": "general",
                "text": "Improper Resource Shutdown or Release",
                "title": "CWE-404"
            },
            {
                "category": "general",
                "text": "Use After Free",
                "title": "CWE-416"
            },
            {
                "category": "general",
                "text": "Files or Directories Accessible to External Parties",
                "title": "CWE-552"
            },
            {
                "category": "general",
                "text": "URL Redirection to Untrusted Site ('Open Redirect')",
                "title": "CWE-601"
            },
            {
                "category": "general",
                "text": "Allocation of Resources Without Limits or Throttling",
                "title": "CWE-770"
            },
            {
                "category": "general",
                "text": "Out-of-bounds Write",
                "title": "CWE-787"
            },
            {
                "category": "general",
                "text": "Server-Side Request Forgery (SSRF)",
                "title": "CWE-918"
            }
        ],
        "publisher": {
            "category": "coordinator",
            "contact_details": "cert@ncsc.nl",
            "name": "Nationaal Cyber Security Centrum",
            "namespace": "https://www.ncsc.nl/"
        },
        "references": [
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13956"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1945"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29425"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45378"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24998"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29081"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2976"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34034"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-36478"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45853"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-46750"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4759"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5072"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6129"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0853"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21133"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21175"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21181"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21182"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21183"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22201"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22243"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22259"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22262"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25062"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26308"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29025"
            },
            {
                "category": "external",
                "summary": "Source - nvd",
                "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29857"
            },
            {
                "category": "external",
                "summary": "Reference - oracle",
                "url": "https://www.oracle.com/docs/tech/security-alerts/cpujul2024csaf.json"
            },
            {
                "category": "external",
                "summary": "Reference - cveprojectv5; ibm; nvd; oracle",
                "url": "https://www.oracle.com/security-alerts/cpujul2024.html"
            }
        ],
        "title": " Kwetsbaarheden verholpen in Oracle Fusion Middleware",
        "tracking": {
            "current_release_date": "2024-07-17T13:54:00.411174Z",
            "id": "NCSC-2024-0298",
            "initial_release_date": "2024-07-17T13:54:00.411174Z",
            "revision_history": [
                {
                    "date": "2024-07-17T13:54:00.411174Z",
                    "number": "0",
                    "summary": "Initiele versie"
                }
            ],
            "status": "final",
            "version": "1.0.0"
        }
    },
    "product_tree": {
        "branches": [
            {
                "branches": [
                    {
                        "category": "product_name",
                        "name": "fusion_middleware_mapviewer",
                        "product": {
                            "name": "fusion_middleware_mapviewer",
                            "product_id": "CSAFPID-226018",
                            "product_identification_helper": {
                                "cpe": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:*:*:*:*:*:*:*"
                            }
                        }
                    },
                    {
                        "category": "product_name",
                        "name": "fusion_middleware",
                        "product": {
                            "name": "fusion_middleware",
                            "product_id": "CSAFPID-271904",
                            "product_identification_helper": {
                                "cpe": "cpe:2.3:a:oracle:fusion_middleware:12.2.1.4.0:*:*:*:*:*:*:*"
                            }
                        }
                    }
                ],
                "category": "vendor",
                "name": "oracle"
            }
        ]
    },
    "vulnerabilities": [
        {
            "cve": "CVE-2020-1945",
            "cwe": {
                "id": "CWE-377",
                "name": "Insecure Temporary File"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Insecure Temporary File",
                    "title": "CWE-377"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2020-1945",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1945.json"
                }
            ],
            "title": "CVE-2020-1945"
        },
        {
            "cve": "CVE-2020-13956",
            "cwe": {
                "id": "CWE-20",
                "name": "Improper Input Validation"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Input Validation",
                    "title": "CWE-20"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2020-13956",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13956.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                        "baseScore": 5.3,
                        "baseSeverity": "MEDIUM"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2020-13956"
        },
        {
            "cve": "CVE-2021-29425",
            "cwe": {
                "id": "CWE-22",
                "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
                    "title": "CWE-22"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2021-29425",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-29425.json"
                }
            ],
            "title": "CVE-2021-29425"
        },
        {
            "cve": "CVE-2021-37533",
            "cwe": {
                "id": "CWE-200",
                "name": "Exposure of Sensitive Information to an Unauthorized Actor"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Exposure of Sensitive Information to an Unauthorized Actor",
                    "title": "CWE-200"
                },
                {
                    "category": "other",
                    "text": "Improper Input Validation",
                    "title": "CWE-20"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2021-37533",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-37533.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2021-37533"
        },
        {
            "cve": "CVE-2022-40152",
            "cwe": {
                "id": "CWE-787",
                "name": "Out-of-bounds Write"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Out-of-bounds Write",
                    "title": "CWE-787"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2022-40152",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40152.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2022-40152"
        },
        {
            "cve": "CVE-2022-45378",
            "cwe": {
                "id": "CWE-306",
                "name": "Missing Authentication for Critical Function"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Missing Authentication for Critical Function",
                    "title": "CWE-306"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2022-45378",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45378.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                        "baseScore": 9.8,
                        "baseSeverity": "CRITICAL"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2022-45378"
        },
        {
            "cve": "CVE-2023-2976",
            "cwe": {
                "id": "CWE-552",
                "name": "Files or Directories Accessible to External Parties"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Files or Directories Accessible to External Parties",
                    "title": "CWE-552"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904",
                    "CSAFPID-226018"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-2976",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                        "baseScore": 7.1,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-271904",
                        "CSAFPID-226018"
                    ]
                }
            ],
            "title": "CVE-2023-2976"
        },
        {
            "cve": "CVE-2023-4759",
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-4759",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                        "baseScore": 8.8,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2023-4759"
        },
        {
            "cve": "CVE-2023-5072",
            "cwe": {
                "id": "CWE-770",
                "name": "Allocation of Resources Without Limits or Throttling"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Allocation of Resources Without Limits or Throttling",
                    "title": "CWE-770"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904",
                    "CSAFPID-226018"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-5072",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-271904",
                        "CSAFPID-226018"
                    ]
                }
            ],
            "title": "CVE-2023-5072"
        },
        {
            "cve": "CVE-2023-6129",
            "cwe": {
                "id": "CWE-328",
                "name": "Use of Weak Hash"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Use of Weak Hash",
                    "title": "CWE-328"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-6129",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-6129.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
                        "baseScore": 6.5,
                        "baseSeverity": "MEDIUM"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2023-6129"
        },
        {
            "cve": "CVE-2023-24998",
            "cwe": {
                "id": "CWE-404",
                "name": "Improper Resource Shutdown or Release"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Resource Shutdown or Release",
                    "title": "CWE-404"
                },
                {
                    "category": "other",
                    "text": "Allocation of Resources Without Limits or Throttling",
                    "title": "CWE-770"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904",
                    "CSAFPID-226018"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-24998",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-24998.json"
                }
            ],
            "title": "CVE-2023-24998"
        },
        {
            "cve": "CVE-2023-29081",
            "cwe": {
                "id": "CWE-404",
                "name": "Improper Resource Shutdown or Release"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Resource Shutdown or Release",
                    "title": "CWE-404"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-29081",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29081.json"
                }
            ],
            "title": "CVE-2023-29081"
        },
        {
            "cve": "CVE-2023-34034",
            "cwe": {
                "id": "CWE-284",
                "name": "Improper Access Control"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Access Control",
                    "title": "CWE-284"
                },
                {
                    "category": "other",
                    "text": "Improper Neutralization of Section Delimiters",
                    "title": "CWE-145"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-34034",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34034.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                        "baseScore": 9.8,
                        "baseSeverity": "CRITICAL"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2023-34034"
        },
        {
            "cve": "CVE-2023-36478",
            "cwe": {
                "id": "CWE-400",
                "name": "Uncontrolled Resource Consumption"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Uncontrolled Resource Consumption",
                    "title": "CWE-400"
                },
                {
                    "category": "other",
                    "text": "Integer Overflow or Wraparound",
                    "title": "CWE-190"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904",
                    "CSAFPID-226018"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-36478",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-36478.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-271904",
                        "CSAFPID-226018"
                    ]
                }
            ],
            "title": "CVE-2023-36478"
        },
        {
            "cve": "CVE-2023-45853",
            "cwe": {
                "id": "CWE-122",
                "name": "Heap-based Buffer Overflow"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Heap-based Buffer Overflow",
                    "title": "CWE-122"
                },
                {
                    "category": "other",
                    "text": "Integer Overflow or Wraparound",
                    "title": "CWE-190"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-45853",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45853.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                        "baseScore": 9.8,
                        "baseSeverity": "CRITICAL"
                    },
                    "products": [
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2023-45853"
        },
        {
            "cve": "CVE-2023-46750",
            "cwe": {
                "id": "CWE-601",
                "name": "URL Redirection to Untrusted Site ('Open Redirect')"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "URL Redirection to Untrusted Site ('Open Redirect')",
                    "title": "CWE-601"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-46750",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46750.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
                        "baseScore": 6.4,
                        "baseSeverity": "MEDIUM"
                    },
                    "products": [
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2023-46750"
        },
        {
            "cve": "CVE-2023-48795",
            "cwe": {
                "id": "CWE-222",
                "name": "Truncation of Security-relevant Information"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Truncation of Security-relevant Information",
                    "title": "CWE-222"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904",
                    "CSAFPID-226018"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-48795",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
                        "baseScore": 5.9,
                        "baseSeverity": "MEDIUM"
                    },
                    "products": [
                        "CSAFPID-271904",
                        "CSAFPID-226018"
                    ]
                }
            ],
            "title": "CVE-2023-48795"
        },
        {
            "cve": "CVE-2023-52425",
            "cwe": {
                "id": "CWE-400",
                "name": "Uncontrolled Resource Consumption"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Uncontrolled Resource Consumption",
                    "title": "CWE-400"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2023-52425",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2023-52425"
        },
        {
            "cve": "CVE-2024-0853",
            "cwe": {
                "id": "CWE-299",
                "name": "Improper Check for Certificate Revocation"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Improper Check for Certificate Revocation",
                    "title": "CWE-299"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-0853",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-0853.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                        "baseScore": 9.8,
                        "baseSeverity": "CRITICAL"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-0853"
        },
        {
            "cve": "CVE-2024-21133",
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-21133",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21133.json"
                }
            ],
            "title": "CVE-2024-21133"
        },
        {
            "cve": "CVE-2024-21175",
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-21175",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21175.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-21175"
        },
        {
            "cve": "CVE-2024-21181",
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-21181",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21181.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                        "baseScore": 9.8,
                        "baseSeverity": "CRITICAL"
                    },
                    "products": [
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-21181"
        },
        {
            "cve": "CVE-2024-21182",
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-21182",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21182.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-21182"
        },
        {
            "cve": "CVE-2024-21183",
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-21183",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21183.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-21183"
        },
        {
            "cve": "CVE-2024-22201",
            "cwe": {
                "id": "CWE-400",
                "name": "Uncontrolled Resource Consumption"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Uncontrolled Resource Consumption",
                    "title": "CWE-400"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-22201",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-22201"
        },
        {
            "cve": "CVE-2024-22243",
            "cwe": {
                "id": "CWE-918",
                "name": "Server-Side Request Forgery (SSRF)"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Server-Side Request Forgery (SSRF)",
                    "title": "CWE-918"
                },
                {
                    "category": "other",
                    "text": "URL Redirection to Untrusted Site ('Open Redirect')",
                    "title": "CWE-601"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-22243",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22243.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
                        "baseScore": 8.1,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-22243"
        },
        {
            "cve": "CVE-2024-22259",
            "cwe": {
                "id": "CWE-601",
                "name": "URL Redirection to Untrusted Site ('Open Redirect')"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "URL Redirection to Untrusted Site ('Open Redirect')",
                    "title": "CWE-601"
                },
                {
                    "category": "other",
                    "text": "Server-Side Request Forgery (SSRF)",
                    "title": "CWE-918"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-22259",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22259.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
                        "baseScore": 8.1,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-22259"
        },
        {
            "cve": "CVE-2024-22262",
            "cwe": {
                "id": "CWE-601",
                "name": "URL Redirection to Untrusted Site ('Open Redirect')"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "URL Redirection to Untrusted Site ('Open Redirect')",
                    "title": "CWE-601"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-22262",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22262.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
                        "baseScore": 8.1,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-22262"
        },
        {
            "cve": "CVE-2024-25062",
            "cwe": {
                "id": "CWE-416",
                "name": "Use After Free"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Use After Free",
                    "title": "CWE-416"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-25062",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25062.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-25062"
        },
        {
            "cve": "CVE-2024-26308",
            "cwe": {
                "id": "CWE-770",
                "name": "Allocation of Resources Without Limits or Throttling"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Allocation of Resources Without Limits or Throttling",
                    "title": "CWE-770"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-226018",
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-26308",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 5.9,
                        "baseSeverity": "MEDIUM"
                    },
                    "products": [
                        "CSAFPID-226018",
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-26308"
        },
        {
            "cve": "CVE-2024-29025",
            "cwe": {
                "id": "CWE-770",
                "name": "Allocation of Resources Without Limits or Throttling"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Allocation of Resources Without Limits or Throttling",
                    "title": "CWE-770"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-29025",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
                }
            ],
            "title": "CVE-2024-29025"
        },
        {
            "cve": "CVE-2024-29857",
            "cwe": {
                "id": "CWE-400",
                "name": "Uncontrolled Resource Consumption"
            },
            "notes": [
                {
                    "category": "other",
                    "text": "Uncontrolled Resource Consumption",
                    "title": "CWE-400"
                },
                {
                    "category": "other",
                    "text": "Improper Input Validation",
                    "title": "CWE-20"
                }
            ],
            "product_status": {
                "known_affected": [
                    "CSAFPID-271904"
                ]
            },
            "references": [
                {
                    "category": "self",
                    "summary": "CVE-2024-29857",
                    "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json"
                }
            ],
            "scores": [
                {
                    "cvss_v3": {
                        "version": "3.1",
                        "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                        "baseScore": 7.5,
                        "baseSeverity": "HIGH"
                    },
                    "products": [
                        "CSAFPID-271904"
                    ]
                }
            ],
            "title": "CVE-2024-29857"
        }
    ]
}