{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Apple heeft kwetsbaarheden verholpen in MacOS", "title": "Feiten" }, { "category": "description", "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:\n\n- Denial-of-Service (DoS)\n- Manipulatie van gegevens\n- Omzeilen van beveiligingsmaatregel\n- Toegang tot gevoelige gegevens\n- Toegang tot systeemgegevens\n\n\nVoor succesvol misbruik moet de kwaadwillende lokale toegang hebben, het slachtoffer misleiden een malafide app te downloaden en installeren, of een malafide bestand te openen of link te volgen.", "title": "Interpretaties" }, { "category": "description", "text": "Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen in MacOS 13.7, 14.7 en 15. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Observable Timing Discrepancy", "title": "CWE-208" }, { "category": "general", "text": "Permissive Cross-domain Policy with Untrusted Domains", "title": "CWE-942" }, { "category": "general", "text": "Double Free", "title": "CWE-415" }, { "category": "general", "text": "CWE-265", "title": "CWE-265" }, { "category": "general", "text": "Observable Discrepancy", "title": "CWE-203" }, { "category": "general", "text": "Integer Overflow or Wraparound", "title": "CWE-190" }, { "category": "general", "text": "UNIX Symbolic Link (Symlink) Following", "title": "CWE-61" }, { "category": "general", "text": "Improper Authorization", "title": "CWE-285" }, { "category": "general", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "CWE-275", "title": "CWE-275" }, { "category": "general", "text": "Improper Access Control", "title": "CWE-284" }, { "category": "general", "text": "Insecure Temporary File", "title": "CWE-377" }, { "category": "general", "text": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "title": "CWE-22" }, { "category": "general", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "general", "text": "Heap-based Buffer Overflow", "title": "CWE-122" }, { "category": "general", "text": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "title": "CWE-79" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - certbundde; cveprojectv5; hkcert; nvd", "url": "https://support.apple.com/en-us/121247" }, { "category": "external", "summary": "Reference - certbundde; cveprojectv5; hkcert; nvd", "url": "https://support.apple.com/en-us/121234" }, { "category": "external", "summary": "Reference - certbundde; cveprojectv5; hkcert; nvd", "url": "https://support.apple.com/en-us/121238" } ], "title": "Kwetsbaarheden verholpen in Apple MacOS", "tracking": { "current_release_date": "2024-09-26T08:48:34.451990Z", "id": "NCSC-2024-0381", "initial_release_date": "2024-09-26T08:48:34.451990Z", "revision_history": [ { "date": "2024-09-26T08:48:34.451990Z", "number": "0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "macos_sequoia__15", "product": { "name": "macos_sequoia__15", "product_id": "CSAFPID-1644309", "product_identification_helper": { "cpe": "cpe:2.3:a:apple:macos_sequoia__15:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "macos_sonoma__14.7", "product": { "name": "macos_sonoma__14.7", "product_id": "CSAFPID-1644310", "product_identification_helper": { "cpe": "cpe:2.3:a:apple:macos_sonoma__14.7:*:*:*:*:*:*:*:*" } } }, { "category": "product_name", "name": "macos_ventura__13.7", "product": { "name": "macos_ventura__13.7", "product_id": "CSAFPID-1644311", "product_identification_helper": { "cpe": "cpe:2.3:a:apple:macos_ventura__13.7:*:*:*:*:*:*:*:*" } } } ], "category": "vendor", "name": "apple" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-44154", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44154", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44154.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44154" }, { "cve": "CVE-2024-44158", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44158", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44158.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44158" }, { "cve": "CVE-2024-44160", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44160", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44160.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44160" }, { "cve": "CVE-2024-44161", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44161", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44161.json" } ], "title": "CVE-2024-44161" }, { "cve": "CVE-2024-44163", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44163", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44163.json" } ], "title": "CVE-2024-44163" }, { "cve": "CVE-2024-44164", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44164", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44164.json" } ], "title": "CVE-2024-44164" }, { "cve": "CVE-2024-44165", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44165", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44165.json" } ], "title": "CVE-2024-44165" }, { "cve": "CVE-2024-44166", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44166", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44166.json" } ], "title": "CVE-2024-44166" }, { "cve": "CVE-2024-44167", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44167", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44167.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "baseScore": 8.1, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44167" }, { "cve": "CVE-2024-44168", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44168", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44168.json" } ], "title": "CVE-2024-44168" }, { "cve": "CVE-2024-44169", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44169", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44169.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "baseScore": 8.1, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44169" }, { "cve": "CVE-2024-44170", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44170", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44170.json" } ], "title": "CVE-2024-44170" }, { "cve": "CVE-2024-44176", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44176", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44176.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44176" }, { "cve": "CVE-2024-44177", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44177", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44177.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44177" }, { "cve": "CVE-2024-44178", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44178", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44178.json" } ], "title": "CVE-2024-44178" }, { "cve": "CVE-2024-44181", "cwe": { "id": "CWE-377", "name": "Insecure Temporary File" }, "notes": [ { "category": "other", "text": "Insecure Temporary File", "title": "CWE-377" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44181", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44181.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44181" }, { "cve": "CVE-2024-44182", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44182", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44182.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44182" }, { "cve": "CVE-2024-44183", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44183", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44183.json" } ], "title": "CVE-2024-44183" }, { "cve": "CVE-2024-44184", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44184", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44184.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44184" }, { "cve": "CVE-2024-44186", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "other", "text": "Improper Access Control", "title": "CWE-284" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44186", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44186.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44186" }, { "cve": "CVE-2024-44187", "cwe": { "id": "CWE-942", "name": "Permissive Cross-domain Policy with Untrusted Domains" }, "notes": [ { "category": "other", "text": "Permissive Cross-domain Policy with Untrusted Domains", "title": "CWE-942" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44187", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44187.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44187" }, { "cve": "CVE-2024-44188", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44188", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44188.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44188" }, { "cve": "CVE-2024-44189", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "other", "text": "Improper Access Control", "title": "CWE-284" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44189", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44189.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44189" }, { "cve": "CVE-2024-44190", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" }, "notes": [ { "category": "other", "text": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "title": "CWE-22" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44190", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44190.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44190" }, { "cve": "CVE-2024-44191", "cwe": { "id": "CWE-285", "name": "Improper Authorization" }, "notes": [ { "category": "other", "text": "Improper Authorization", "title": "CWE-285" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44191", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44191.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44191" }, { "cve": "CVE-2024-44198", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "other", "text": "Integer Overflow or Wraparound", "title": "CWE-190" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44198", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44198.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44198" }, { "cve": "CVE-2023-4504", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2023-4504", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4504.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2023-4504" }, { "cve": "CVE-2023-5841", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Heap-based Buffer Overflow", "title": "CWE-122" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2023-5841", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5841.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "baseScore": 9.1, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2023-5841" }, { "cve": "CVE-2024-23237", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-23237", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23237.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-23237" }, { "cve": "CVE-2024-27795", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27795", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27795.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-27795" }, { "cve": "CVE-2024-27858", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27858", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27858.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-27858" }, { "cve": "CVE-2024-27860", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27860", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27860.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-27860" }, { "cve": "CVE-2024-27861", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27861", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27861.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-27861" }, { "cve": "CVE-2024-27869", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27869", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27869.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-27869" }, { "cve": "CVE-2024-27875", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27875", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27875.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-27875" }, { "cve": "CVE-2024-27876", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27876", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27876.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "baseScore": 8.1, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-27876" }, { "cve": "CVE-2024-27880", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27880", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27880.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-27880" }, { "cve": "CVE-2024-27886", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-27886", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27886.json" } ], "title": "CVE-2024-27886" }, { "cve": "CVE-2024-39894", "cwe": { "id": "CWE-208", "name": "Observable Timing Discrepancy" }, "notes": [ { "category": "other", "text": "Observable Timing Discrepancy", "title": "CWE-208" }, { "category": "other", "text": "Observable Discrepancy", "title": "CWE-203" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-39894", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39894.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-39894" }, { "cve": "CVE-2024-40770", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40770", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40770.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40770" }, { "cve": "CVE-2024-40791", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40791", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40791.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 3.3, "baseSeverity": "LOW" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40791" }, { "cve": "CVE-2024-40797", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40797", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40797.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40797" }, { "cve": "CVE-2024-40801", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40801", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40801.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40801" }, { "cve": "CVE-2024-40814", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40814", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40814.json" } ], "title": "CVE-2024-40814" }, { "cve": "CVE-2024-40825", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40825", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40825.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "baseScore": 6.0, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40825" }, { "cve": "CVE-2024-40826", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40826", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40826.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40826" }, { "cve": "CVE-2024-40831", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40831", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40831.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40831" }, { "cve": "CVE-2024-40837", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40837", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40837.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40837" }, { "cve": "CVE-2024-40838", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40838", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40838.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "baseScore": 3.3, "baseSeverity": "LOW" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40838" }, { "cve": "CVE-2024-40841", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40841", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40841.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40841" }, { "cve": "CVE-2024-40842", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40842", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40842.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40842" }, { "cve": "CVE-2024-40843", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40843", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40843.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40843" }, { "cve": "CVE-2024-40844", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40844", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40844.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40844" }, { "cve": "CVE-2024-40845", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40845", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40845.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40845" }, { "cve": "CVE-2024-40846", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40846", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40846.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40846" }, { "cve": "CVE-2024-40847", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40847", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40847.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40847" }, { "cve": "CVE-2024-40848", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40848", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40848.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40848" }, { "cve": "CVE-2024-40850", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40850", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40850.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40850" }, { "cve": "CVE-2024-40856", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40856", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40856.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40856" }, { "cve": "CVE-2024-40857", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" }, "notes": [ { "category": "other", "text": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "title": "CWE-79" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40857", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40857.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "baseScore": 7.1, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40857" }, { "cve": "CVE-2024-40859", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40859", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40859.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40859" }, { "cve": "CVE-2024-40860", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40860", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40860.json" } ], "title": "CVE-2024-40860" }, { "cve": "CVE-2024-40861", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40861", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40861.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40861" }, { "cve": "CVE-2024-40866", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40866", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40866.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-40866" }, { "cve": "CVE-2024-41957", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "other", "text": "Double Free", "title": "CWE-415" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-41957", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-41957.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "baseScore": 5.3, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-41957" }, { "cve": "CVE-2024-44125", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44125", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44125.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44125" }, { "cve": "CVE-2024-44128", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44128", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44128.json" } ], "title": "CVE-2024-44128" }, { "cve": "CVE-2024-44129", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44129", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44129.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44129" }, { "cve": "CVE-2024-44130", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44130", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44130.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "baseScore": 4.4, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44130" }, { "cve": "CVE-2024-44131", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44131", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44131.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44131" }, { "cve": "CVE-2024-44132", "cwe": { "id": "CWE-61", "name": "UNIX Symbolic Link (Symlink) Following" }, "notes": [ { "category": "other", "text": "UNIX Symbolic Link (Symlink) Following", "title": "CWE-61" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44132", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44132.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", "baseScore": 8.4, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44132" }, { "cve": "CVE-2024-44133", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "other", "text": "Improper Access Control", "title": "CWE-284" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44133", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44133.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44133" }, { "cve": "CVE-2024-44134", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44134", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44134.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44134" }, { "cve": "CVE-2024-44135", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44135", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44135.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44135" }, { "cve": "CVE-2024-44146", "cwe": { "id": "CWE-265", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-265", "title": "CWE-265" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44146", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44146.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "baseScore": 10.0, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44146" }, { "cve": "CVE-2024-44148", "cwe": { "id": "CWE-265", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-265", "title": "CWE-265" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44148", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44148.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "baseScore": 10.0, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44148" }, { "cve": "CVE-2024-44149", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44149", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44149.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44149" }, { "cve": "CVE-2024-44151", "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44151", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44151.json" } ], "title": "CVE-2024-44151" }, { "cve": "CVE-2024-44152", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "notes": [ { "category": "other", "text": "Improper Access Control", "title": "CWE-284" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44152", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44152.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44152" }, { "cve": "CVE-2024-44153", "cwe": { "id": "CWE-275", "name": "-" }, "notes": [ { "category": "other", "text": "CWE-275", "title": "CWE-275" } ], "product_status": { "known_affected": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] }, "references": [ { "category": "self", "summary": "CVE-2024-44153", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-44153.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "baseScore": 5.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1644309", "CSAFPID-1644310", "CSAFPID-1644311" ] } ], "title": "CVE-2024-44153" } ] }