{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Microsoft heeft kwetsbaarheden verholpen in Windows.", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om een Denial-of-Service te veroorzaken, zich verhoogde rechten toe te kennen, willekeurige code uit te voeren met rechten van het slachtoffer en mogelijk toegang te krijgen tot gevoelige gegevens.\n\nDe ernstigste kwetsbaarheid heeft kenmerk CVE-2024-43491 toegewezen gekregen en bevindt zich in het update-mechanisme van Windows. Door een fout in een vorige Services Stack Update (SSU) bleken eerder verholpen kwetsbaarheden weer te zijn teruggedraaid. Een of meer van deze kwetsbaarheden zijn vervolgens misbruikt door kwaadwillenden. Uitsluitend Windows 10 build 1507 installaties die de security updates vanaf maart 2024 (KB5035858), of andere updates t/m augustus 2024 hebben geïnstalleerd zijn kwetsbaar.\nMicrosoft heeft geen informatie vrijgegeven om welke kwetsbaarheden dit precies gaat, maar adviseert om achtereenvolgens de September 2024 Servicing stack update (SSU KB5043936) EN de September 2024 Windows security update (KB5043083) te installeren. Meer detailinformatie kan worden verkregen in de Security Guidance van deze specifieke kwetsbaarheid. Zie hiervoor de bijgevoegde referenties.\n\nVan de kwetsbaarheden met kenmerk CVE-2024-38014 en CVE-2024-38217 geeft Microsoft aan informatie te hebben dat deze beperkt en gericht zijn misbruikt.\nDe kwetsbaarheid met kenmerk CVE-2024-38014 bevindt zich in de Installer en stelt een lokale kwaadwillende in staat zich verhoogde rechten toe te kennen, mogelijk tot SYSTEM-niveau. De kwetsbaarheid met kenmerk CVE-2024-38217 bevindt zich in de Mark of the Web functionaliteit en stelt een kwaadwillende in staat om Mark of the Web te omzeilen en zo malafide code te (laten) uitvoeren door het slachtoffer. Voor succesvol misbruik moet de kwaadwillende het slachtoffer misleiden een malafide bestand te downloaden en uit te voeren vanaf een webserver onder controle van de kwaadwillende.\nVan de kwetsbaarheid met kenmerk CVE-2024-38217 geeft Microsoft aan bekend te zijn dat Proof-of-Concept-code wordt gedeeld binnen gesloten gemeenschappen. Van de kwetsbaarheid met kenmerk CVE-2024-38014 is (nog) geen Proof-of-Concept-code bekend.\n\n```\nWindows Kernel-Mode Drivers: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38256 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Mark of the Web (MOTW): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38217 | 5.40 | Omzeilen van beveiligingsmaatregel | \n| CVE-2024-43487 | 6.50 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows MSHTML Platform: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-43461 | 8.80 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nWindows AllJoyn API: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38257 | 7.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Standards-Based Storage Management Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38230 | 6.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Security Zone Mapping: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-30073 | 7.80 | Omzeilen van beveiligingsmaatregel | \n|----------------|------|-------------------------------------|\n\nWindows Remote Access Connection Manager: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38240 | 8.10 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Update: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-43491 | 9.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Installer: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38014 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Graphics Component: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38249 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2024-38250 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2024-38247 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Libarchive: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-43495 | 7.30 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Setup and Deployment: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-43457 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Kerberos: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38239 | 7.20 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Authentication Methods: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38254 | 5.50 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - GRFX: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38246 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nRole: Windows Hyper-V: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38235 | 6.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows PowerShell: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38046 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Streaming Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38241 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2024-38242 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2024-38237 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2024-38238 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2024-38243 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2024-38244 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2024-38245 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows Network Address Translation (NAT): \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38119 | 7.50 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows Remote Desktop Licensing Service: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-43467 | 7.50 | Uitvoeren van willekeurige code | \n| CVE-2024-38231 | 6.50 | Denial-of-Service | \n| CVE-2024-38258 | 6.50 | Toegang tot gevoelige gegevens | \n| CVE-2024-38260 | 8.80 | Uitvoeren van willekeurige code | \n| CVE-2024-38263 | 7.50 | Uitvoeren van willekeurige code | \n| CVE-2024-43454 | 7.10 | Uitvoeren van willekeurige code | \n| CVE-2024-43455 | 8.80 | Voordoen als andere gebruiker | \n|----------------|------|-------------------------------------|\n\nWindows Win32K - ICOMP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38252 | 7.80 | Verkrijgen van verhoogde rechten | \n| CVE-2024-38253 | 7.80 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nWindows TCP/IP: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-21416 | 8.10 | Uitvoeren van willekeurige code | \n| CVE-2024-38045 | 8.10 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n\nWindows DHCP Server: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38236 | 7.50 | Denial-of-Service | \n|----------------|------|-------------------------------------|\n\nWindows Network Virtualization: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38232 | 7.50 | Denial-of-Service | \n| CVE-2024-38233 | 7.50 | Denial-of-Service | \n| CVE-2024-38234 | 6.50 | Denial-of-Service | \n| CVE-2024-43458 | 7.70 | Toegang tot gevoelige gegevens | \n|----------------|------|-------------------------------------|\n\nWindows Storage: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38248 | 7.00 | Verkrijgen van verhoogde rechten | \n|----------------|------|-------------------------------------|\n\nMicrosoft Management Console: \n|----------------|------|-------------------------------------|\n| CVE-ID | CVSS | Impact |\n|----------------|------|-------------------------------------|\n| CVE-2024-38259 | 8.80 | Uitvoeren van willekeurige code | \n|----------------|------|-------------------------------------|\n```", "title": "Interpretaties" }, { "category": "description", "text": "Microsoft heeft updates beschikbaar gesteld waarmee de beschreven kwetsbaarheden worden verholpen. We raden u aan om deze updates te installeren. Meer informatie over de kwetsbaarheden, de installatie van de updates en eventuele work-arounds vindt u op:\n\nhttps://portal.msrc.microsoft.com/en-us/security-guidance", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Sensitive Data Storage in Improperly Locked Memory", "title": "CWE-591" }, { "category": "general", "text": "Weak Authentication", "title": "CWE-1390" }, { "category": "general", "text": "Buffer Over-read", "title": "CWE-126" }, { "category": "general", "text": "Improper Resolution of Path Equivalence", "title": "CWE-41" }, { "category": "general", "text": "Double Free", "title": "CWE-415" }, { "category": "general", "text": "Use of Uninitialized Resource", "title": "CWE-908" }, { "category": "general", "text": "Relative Path Traversal", "title": "CWE-23" }, { "category": "general", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "general", "text": "Protection Mechanism Failure", "title": "CWE-693" }, { "category": "general", "text": "User Interface (UI) Misrepresentation of Critical Information", "title": "CWE-451" }, { "category": "general", "text": "Improper Authorization", "title": "CWE-285" }, { "category": "general", "text": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "title": "CWE-362" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Unquoted Search Path or Element", "title": "CWE-428" }, { "category": "general", "text": "Use After Free", "title": "CWE-416" }, { "category": "general", "text": "NULL Pointer Dereference", "title": "CWE-476" }, { "category": "general", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "general", "text": "Stack-based Buffer Overflow", "title": "CWE-121" }, { "category": "general", "text": "Improper Privilege Management", "title": "CWE-269" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - cveprojectv5; ncscclear", "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43491" } ], "title": "Kwetsbaarheden verholpen in Microsoft Windows", "tracking": { "current_release_date": "2024-09-10T18:21:28.305189Z", "id": "NCSC-2024-0363", "initial_release_date": "2024-09-10T18:21:28.305189Z", "revision_history": [ { "date": "2024-09-10T18:21:28.305189Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "windows_10_version_1507", "product": { "name": "windows_10_version_1507", "product_id": "CSAFPID-1453769", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_10_version_1507:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_10_version_1607", "product": { "name": "windows_10_version_1607", "product_id": "CSAFPID-1453770", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_10_version_1607:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_10_version_1809", "product": { "name": "windows_10_version_1809", "product_id": "CSAFPID-1453758", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_10_version_1809:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_10_version_21h2", "product": { "name": "windows_10_version_21h2", "product_id": "CSAFPID-1453800", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_10_version_21h2:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_10_version_22h2", "product": { "name": "windows_10_version_22h2", "product_id": "CSAFPID-1453802", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_10_version_22h2:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_11_version_21h2", "product": { "name": "windows_11_version_21h2", "product_id": "CSAFPID-1453799", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_11_version_21h2:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_11_version_22h2", "product": { "name": "windows_11_version_22h2", "product_id": "CSAFPID-1453801", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_11_version_22h2:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_11_version_22h3", "product": { "name": "windows_11_version_22h3", "product_id": "CSAFPID-1453803", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_11_version_22h3:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_11_version_23h2", "product": { "name": "windows_11_version_23h2", "product_id": "CSAFPID-1453804", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_11_version_23h2:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_11_version_24h2", "product": { "name": "windows_11_version_24h2", "product_id": "CSAFPID-1615902", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_11_version_24h2:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2008__service_pack_2", "product": { "name": "windows_server_2008__service_pack_2", "product_id": "CSAFPID-1453778", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2008__service_pack_2:6.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2008_r2_service_pack_1", "product": { "name": "windows_server_2008_r2_service_pack_1", "product_id": "CSAFPID-1453779", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2008_r2_service_pack_1:6.1.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2008_r2_service_pack_1__server_core_installation_", "product": { "name": "windows_server_2008_r2_service_pack_1__server_core_installation_", "product_id": "CSAFPID-1453780", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2008_r2_service_pack_1__server_core_installation_:6.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2008_service_pack_2", "product": { "name": "windows_server_2008_service_pack_2", "product_id": "CSAFPID-1453776", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2008_service_pack_2:6.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2008_service_pack_2__server_core_installation_", "product": { "name": "windows_server_2008_service_pack_2__server_core_installation_", "product_id": "CSAFPID-1453777", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2008_service_pack_2__server_core_installation_:6.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2012", "product": { "name": "windows_server_2012", "product_id": "CSAFPID-1453781", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2012:6.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2012__server_core_installation_", "product": { "name": "windows_server_2012__server_core_installation_", "product_id": "CSAFPID-1453782", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2012__server_core_installation_:6.2.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2012_r2", "product": { "name": "windows_server_2012_r2", "product_id": "CSAFPID-1453783", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2012_r2:6.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2012_r2__server_core_installation_", "product": { "name": "windows_server_2012_r2__server_core_installation_", "product_id": "CSAFPID-1453784", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2012_r2__server_core_installation_:6.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2016", "product": { "name": "windows_server_2016", "product_id": "CSAFPID-1453771", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2016:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2016__server_core_installation_", "product": { "name": "windows_server_2016__server_core_installation_", "product_id": "CSAFPID-1453772", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2016__server_core_installation_:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2019", "product": { "name": "windows_server_2019", "product_id": "CSAFPID-1453759", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2019:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2019__server_core_installation_", "product": { "name": "windows_server_2019__server_core_installation_", "product_id": "CSAFPID-1453760", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2019__server_core_installation_:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2022", "product": { "name": "windows_server_2022", "product_id": "CSAFPID-1453798", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2022:10.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "windows_server_2022__23h2_edition__server_core_installation_", "product": { "name": "windows_server_2022__23h2_edition__server_core_installation_", "product_id": "CSAFPID-1453805", "product_identification_helper": { "cpe": "cpe:2.3:a:microsoft:windows_server_2022__23h2_edition__server_core_installation_:10.0.0:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "microsoft" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-38230", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38230", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38230.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453783", "CSAFPID-1453784" ] } ], "title": "CVE-2024-38230" }, { "cve": "CVE-2024-38236", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453805", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38236", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38236.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453805", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] } ], "title": "CVE-2024-38236" }, { "cve": "CVE-2024-38240", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38240", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38240.json" } ], "title": "CVE-2024-38240" }, { "cve": "CVE-2024-38241", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38241", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38241.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] } ], "title": "CVE-2024-38241" }, { "cve": "CVE-2024-38242", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38242", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38242.json" } ], "title": "CVE-2024-38242" }, { "cve": "CVE-2024-38249", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38249", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38249.json" } ], "title": "CVE-2024-38249" }, { "cve": "CVE-2024-38250", "cwe": { "id": "CWE-126", "name": "Buffer Over-read" }, "notes": [ { "category": "other", "text": "Buffer Over-read", "title": "CWE-126" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38250", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38250.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] } ], "title": "CVE-2024-38250" }, { "cve": "CVE-2024-38252", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38252", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38252.json" } ], "title": "CVE-2024-38252" }, { "cve": "CVE-2024-38254", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "other", "text": "Use of Uninitialized Resource", "title": "CWE-908" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38254", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38254.json" } ], "title": "CVE-2024-38254" }, { "cve": "CVE-2024-38256", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "other", "text": "Use of Uninitialized Resource", "title": "CWE-908" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453800", "CSAFPID-1453802", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38256", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38256.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453800", "CSAFPID-1453802", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] } ], "title": "CVE-2024-38256" }, { "cve": "CVE-2024-43467", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" }, "notes": [ { "category": "other", "text": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "title": "CWE-362" } ], "product_status": { "known_affected": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453805", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43467", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43467.json" } ], "title": "CVE-2024-43467" }, { "cve": "CVE-2024-38014", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "other", "text": "Improper Privilege Management", "title": "CWE-269" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38014", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38014.json" } ], "title": "CVE-2024-38014" }, { "cve": "CVE-2024-38046", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38046", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38046.json" } ], "title": "CVE-2024-38046" }, { "cve": "CVE-2024-38217", "cwe": { "id": "CWE-693", "name": "Protection Mechanism Failure" }, "notes": [ { "category": "other", "text": "Protection Mechanism Failure", "title": "CWE-693" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38217", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38217.json" } ], "title": "CVE-2024-38217" }, { "cve": "CVE-2024-38231", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "notes": [ { "category": "other", "text": "Improper Authorization", "title": "CWE-285" } ], "product_status": { "known_affected": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453805", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38231", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38231.json" } ], "title": "CVE-2024-38231" }, { "cve": "CVE-2024-38234", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38234", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38234.json" } ], "title": "CVE-2024-38234" }, { "cve": "CVE-2024-38235", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38235", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38235.json" } ], "title": "CVE-2024-38235" }, { "cve": "CVE-2024-38237", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38237", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38237.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] } ], "title": "CVE-2024-38237" }, { "cve": "CVE-2024-38238", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38238", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38238.json" } ], "title": "CVE-2024-38238" }, { "cve": "CVE-2024-38239", "cwe": { "id": "CWE-1390", "name": "Weak Authentication" }, "notes": [ { "category": "other", "text": "Weak Authentication", "title": "CWE-1390" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38239", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38239.json" } ], "title": "CVE-2024-38239" }, { "cve": "CVE-2024-38243", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38243", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38243.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] } ], "title": "CVE-2024-38243" }, { "cve": "CVE-2024-38244", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38244", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38244.json" } ], "title": "CVE-2024-38244" }, { "cve": "CVE-2024-38245", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38245", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38245.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] } ], "title": "CVE-2024-38245" }, { "cve": "CVE-2024-38247", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "other", "text": "Double Free", "title": "CWE-415" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38247", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38247.json" } ], "title": "CVE-2024-38247" }, { "cve": "CVE-2024-38257", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "other", "text": "Use of Uninitialized Resource", "title": "CWE-908" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38257", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38257.json" } ], "title": "CVE-2024-38257" }, { "cve": "CVE-2024-38258", "cwe": { "id": "CWE-23", "name": "Relative Path Traversal" }, "notes": [ { "category": "other", "text": "Relative Path Traversal", "title": "CWE-23" } ], "product_status": { "known_affected": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453805", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38258", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38258.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453805", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] } ], "title": "CVE-2024-38258" }, { "cve": "CVE-2024-38260", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "other", "text": "Use of Uninitialized Resource", "title": "CWE-908" } ], "product_status": { "known_affected": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453805", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38260", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38260.json" } ], "title": "CVE-2024-38260" }, { "cve": "CVE-2024-38263", "cwe": { "id": "CWE-591", "name": "Sensitive Data Storage in Improperly Locked Memory" }, "notes": [ { "category": "other", "text": "Sensitive Data Storage in Improperly Locked Memory", "title": "CWE-591" } ], "product_status": { "known_affected": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453805", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38263", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38263.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453805", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] } ], "title": "CVE-2024-38263" }, { "cve": "CVE-2024-21416", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902" ] }, "references": [ { "category": "self", "summary": "CVE-2024-21416", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21416.json" } ], "title": "CVE-2024-21416" }, { "cve": "CVE-2024-38045", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38045", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38045.json" } ], "title": "CVE-2024-38045" }, { "cve": "CVE-2024-38119", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38119", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38119.json" } ], "title": "CVE-2024-38119" }, { "cve": "CVE-2024-43454", "cwe": { "id": "CWE-23", "name": "Relative Path Traversal" }, "notes": [ { "category": "other", "text": "Relative Path Traversal", "title": "CWE-23" } ], "product_status": { "known_affected": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453805", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43454", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43454.json" } ], "title": "CVE-2024-43454" }, { "cve": "CVE-2024-43455", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" } ], "product_status": { "known_affected": [ "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453805", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43455", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43455.json" } ], "title": "CVE-2024-43455" }, { "cve": "CVE-2024-43461", "cwe": { "id": "CWE-451", "name": "User Interface (UI) Misrepresentation of Critical Information" }, "notes": [ { "category": "other", "text": "User Interface (UI) Misrepresentation of Critical Information", "title": "CWE-451" } ], "product_status": { "known_affected": [ "CSAFPID-1615902", "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43461", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43461.json" } ], "title": "CVE-2024-43461" }, { "cve": "CVE-2024-30073", "cwe": { "id": "CWE-41", "name": "Improper Resolution of Path Equivalence" }, "notes": [ { "category": "other", "text": "Improper Resolution of Path Equivalence", "title": "CWE-41" } ], "product_status": { "known_affected": [ "CSAFPID-1615902", "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453776", "CSAFPID-1453777", "CSAFPID-1453778", "CSAFPID-1453779", "CSAFPID-1453780", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-30073", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30073.json" } ], "title": "CVE-2024-30073" }, { "cve": "CVE-2024-43487", "cwe": { "id": "CWE-693", "name": "Protection Mechanism Failure" }, "notes": [ { "category": "other", "text": "Protection Mechanism Failure", "title": "CWE-693" } ], "product_status": { "known_affected": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453800", "CSAFPID-1453802", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43487", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43487.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:F/RL:O/RC:C", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1453758", "CSAFPID-1453759", "CSAFPID-1453760", "CSAFPID-1453800", "CSAFPID-1453802", "CSAFPID-1453769", "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772", "CSAFPID-1453781", "CSAFPID-1453782", "CSAFPID-1453783", "CSAFPID-1453784" ] } ], "title": "CVE-2024-43487" }, { "cve": "CVE-2024-38246", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Stack-based Buffer Overflow", "title": "CWE-121" } ], "product_status": { "known_affected": [ "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38246", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38246.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "baseScore": 7.0, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902" ] } ], "title": "CVE-2024-38246" }, { "cve": "CVE-2024-38248", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38248", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38248.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "baseScore": 7.0, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453800", "CSAFPID-1453801", "CSAFPID-1453802", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902" ] } ], "title": "CVE-2024-38248" }, { "cve": "CVE-2024-38259", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1453798", "CSAFPID-1453799", "CSAFPID-1453801", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38259", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38259.json" } ], "title": "CVE-2024-38259" }, { "cve": "CVE-2024-38232", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38232", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38232.json" } ], "title": "CVE-2024-38232" }, { "cve": "CVE-2024-38233", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "other", "text": "NULL Pointer Dereference", "title": "CWE-476" } ], "product_status": { "known_affected": [ "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38233", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38233.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] } ], "title": "CVE-2024-38233" }, { "cve": "CVE-2024-43458", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "other", "text": "Use of Uninitialized Resource", "title": "CWE-908" } ], "product_status": { "known_affected": [ "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43458", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43458.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C", "baseScore": 7.7, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453770", "CSAFPID-1453771", "CSAFPID-1453772" ] } ], "title": "CVE-2024-43458" }, { "cve": "CVE-2024-38253", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1453799", "CSAFPID-1453801", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38253", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38253.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453799", "CSAFPID-1453801", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805", "CSAFPID-1615902" ] } ], "title": "CVE-2024-38253" }, { "cve": "CVE-2024-43495", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" } ], "product_status": { "known_affected": [ "CSAFPID-1453801", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43495", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43495.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "baseScore": 7.3, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1453801", "CSAFPID-1453803", "CSAFPID-1453804", "CSAFPID-1453805" ] } ], "title": "CVE-2024-43495" }, { "cve": "CVE-2024-43457", "cwe": { "id": "CWE-428", "name": "Unquoted Search Path or Element" }, "notes": [ { "category": "other", "text": "Unquoted Search Path or Element", "title": "CWE-428" } ], "product_status": { "known_affected": [ "CSAFPID-1615902" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43457", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43457.json" } ], "title": "CVE-2024-43457" }, { "cve": "CVE-2024-43491", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" } ], "product_status": { "known_affected": [ "CSAFPID-1453769" ] }, "references": [ { "category": "self", "summary": "CVE-2024-43491", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-43491.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", "baseScore": 9.8, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-1453769" ] } ], "title": "CVE-2024-43491" } ] }