{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Oracle heeft meerdere kwetsbaarheden verholpen in verschillende producten, waaronder de Utilities Application Framework, WebLogic Server, en Fusion Middleware.", "title": "Feiten" }, { "category": "description", "text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om toegang te krijgen tot kritieke gegevens, Denial-of-Service (DoS) te veroorzaken, en in sommige gevallen zelfs volledige controle over systemen te verkrijgen. Kwaadwillenden kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen of door gebruik te maken van onveilige configuraties in de getroffen producten.", "title": "Interpretaties" }, { "category": "description", "text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Improper Neutralization of Special Elements Used in a Template Engine", "title": "CWE-1336" }, { "category": "general", "text": "Time-of-check Time-of-use (TOCTOU) Race Condition", "title": "CWE-367" }, { "category": "general", "text": "Improper Check for Unusual or Exceptional Conditions", "title": "CWE-754" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "Inclusion of Functionality from Untrusted Control Sphere", "title": "CWE-829" }, { "category": "general", "text": "Improper Control of Generation of Code ('Code Injection')", "title": "CWE-94" }, { "category": "general", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "general", "text": "Uncontrolled Recursion", "title": "CWE-674" }, { "category": "general", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" }, { "category": "general", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "general", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "general", "text": "Stack-based Buffer Overflow", "title": "CWE-121" }, { "category": "general", "text": "Loop with Unreachable Exit Condition ('Infinite Loop')", "title": "CWE-835" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference - cveprojectv5; nvd; oracle", "url": "https://www.oracle.com/security-alerts/cpuapr2025.html" } ], "title": "Kwetsbaarheden verholpen in Oracle Fusion Middleware", "tracking": { "current_release_date": "2025-04-16T15:01:24.587426Z", "generator": { "date": "2025-02-25T15:15:00Z", "engine": { "name": "V.A.", "version": "1.0" } }, "id": "NCSC-2025-0128", "initial_release_date": "2025-04-16T15:01:24.587426Z", "revision_history": [ { "date": "2025-04-16T15:01:24.587426Z", "number": "1.0.0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-2699078", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:access_manager:12.2.1.4.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle Access Manager" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-1839842", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:oracle/14.1.2.0.0", "product": { "name": "vers:oracle/14.1.2.0.0", "product_id": "CSAFPID-2698989", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_process_management_suite:14.1.2.0.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle Business Process Management Suite" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-1839864", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:oracle/14.1.2.0.0", "product": { "name": "vers:oracle/14.1.2.0.0", "product_id": "CSAFPID-2698967", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:http_server:14.1.2.0.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle HTTP Server" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-1839938", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:managed_file_transfer:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:oracle/14.1.2.0.0", "product": { "name": "vers:oracle/14.1.2.0.0", "product_id": "CSAFPID-2699074", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:managed_file_transfer:14.1.2.0.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle Managed File Transfer" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-2698998", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:soa_suite:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:oracle/14.1.2.0.0", "product": { "name": "vers:oracle/14.1.2.0.0", "product_id": "CSAFPID-2698997", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:soa_suite:14.1.2.0.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle SOA Suite" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-1839896", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:oracle/14.1.1.0.0", "product": { "name": "vers:oracle/14.1.1.0.0", "product_id": "CSAFPID-1839897", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:oracle/14.1.2.0.0", "product": { "name": "vers:oracle/14.1.2.0.0", "product_id": "CSAFPID-1840030", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle WebLogic Server" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/8.5.7", "product": { "name": "vers:oracle/8.5.7", "product_id": "CSAFPID-1839872", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:outside_in_technology:8.5.7:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle Outside In Technology" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-1840014", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:coherence:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:oracle/14.1.1.0.0", "product": { "name": "vers:oracle/14.1.1.0.0", "product_id": "CSAFPID-1839982", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:coherence:14.1.1.0.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:oracle/14.1.2.0.0", "product": { "name": "vers:oracle/14.1.2.0.0", "product_id": "CSAFPID-2699125", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:coherence:14.1.2.0.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle Coherence" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-1839988", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle Fusion Middleware MapViewer" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-2698948", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle JDeveloper" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/14.1.1.0.0", "product": { "name": "vers:oracle/14.1.1.0.0", "product_id": "CSAFPID-2699057", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:webcenter_forms_recognition:14.1.1.0.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle WebCenter Forms Recognition" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-1840006", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle WebCenter Portal" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-2698985", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:data_integrator:12.2.1.4.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle Data Integrator" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-1840028", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_activity_monitoring:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:oracle/14.1.2.0.0", "product": { "name": "vers:oracle/14.1.2.0.0", "product_id": "CSAFPID-2699064", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:business_activity_monitoring:14.1.2.0.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle Business Activity Monitoring" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-2699044", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:service_bus:12.2.1.4.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle Service Bus" } ], "category": "product_family", "name": "Oracle Fusion Middleware" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:unknown/12.2.1.4.0", "product": { "name": "vers:unknown/12.2.1.4.0", "product_id": "CSAFPID-1213401" } } ], "category": "product_name", "name": "Managed File Transfer" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/12.2.1.3.0", "product": { "name": "vers:unknown/12.2.1.3.0", "product_id": "CSAFPID-1536644" } }, { "category": "product_version_range", "name": "vers:unknown/12.2.1.4.0", "product": { "name": "vers:unknown/12.2.1.4.0", "product_id": "CSAFPID-1536288" } }, { "category": "product_version_range", "name": "vers:unknown/14.1.1.0.0", "product": { "name": "vers:unknown/14.1.1.0.0", "product_id": "CSAFPID-1536278" } } ], "category": "product_name", "name": "Weblogic Server" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/8.5.7", "product": { "name": "vers:unknown/8.5.7", "product_id": "CSAFPID-1233360" } } ], "category": "product_name", "name": "Outside In Technology" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/12.2.1.4.0", "product": { "name": "vers:unknown/12.2.1.4.0", "product_id": "CSAFPID-1210435" } }, { "category": "product_version_range", "name": "vers:unknown/14.1.1.0.0", "product": { "name": "vers:unknown/14.1.1.0.0", "product_id": "CSAFPID-1210304" } } ], "category": "product_name", "name": "Coherence" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/12.2.1.4.0", "product": { "name": "vers:unknown/12.2.1.4.0", "product_id": "CSAFPID-1247956" } } ], "category": "product_name", "name": "Jdeveloper (Application)" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/12.2.1.3.0", "product": { "name": "vers:unknown/12.2.1.3.0", "product_id": "CSAFPID-1214253" } }, { "category": "product_version_range", "name": "vers:unknown/12.2.1.4.0", "product": { "name": "vers:unknown/12.2.1.4.0", "product_id": "CSAFPID-1232894" } } ], "category": "product_name", "name": "WebCenter Portal" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/12.2.1.4.0", "product": { "name": "vers:unknown/12.2.1.4.0", "product_id": "CSAFPID-1201529" } } ], "category": "product_name", "name": "Data Integrator" } ], "category": "product_family", "name": "Oracle" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-1144680", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:oracle/14.1.1.0.0", "product": { "name": "vers:oracle/14.1.1.0.0", "product_id": "CSAFPID-1144604", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle WebLogic Server" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/12.2.1.4.0", "product": { "name": "vers:unknown/12.2.1.4.0", "product_id": "CSAFPID-39413", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:coherence:12.2.1.4.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:unknown/14.1.1.0.0", "product": { "name": "vers:unknown/14.1.1.0.0", "product_id": "CSAFPID-39412", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:coherence:14.1.1.0.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Coherence" }, { "branches": [ { "category": "product_version_range", "name": "vers:oracle/12.2.1.3.0", "product": { "name": "vers:oracle/12.2.1.3.0", "product_id": "CSAFPID-1144910" } }, { "category": "product_version_range", "name": "vers:oracle/12.2.1.4.0", "product": { "name": "vers:oracle/12.2.1.4.0", "product_id": "CSAFPID-1144911", "product_identification_helper": { "cpe": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "Oracle WebCenter Portal" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/12.2.1.3.0", "product": { "name": "vers:unknown/12.2.1.3.0", "product_id": "CSAFPID-317201", "product_identification_helper": { "cpe": "cpe:2.3:a:ibm:oracle_webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*" } } }, { "category": "product_version_range", "name": "vers:unknown/12.2.1.4.0", "product": { "name": "vers:unknown/12.2.1.4.0", "product_id": "CSAFPID-307786", "product_identification_helper": { "cpe": "cpe:2.3:a:ibm:oracle_webcenter_portal:12.2.1.4.0:*:*:*:*:*:*:*" } } } ], "category": "product_name", "name": "WebCenter Portal" } ], "category": "vendor", "name": "Oracle" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-13936", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code ('Code Injection')" }, "notes": [ { "category": "other", "text": "Improper Control of Generation of Code ('Code Injection')", "title": "CWE-94" }, { "category": "other", "text": "Improper Neutralization of Special Elements Used in a Template Engine", "title": "CWE-1336" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2020-13936", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13936.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2020-13936" }, { "cve": "CVE-2020-25649", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "notes": [ { "category": "other", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2020-25649", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-25649.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2020-25649" }, { "cve": "CVE-2023-26464", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2023-26464", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26464.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2023-26464" }, { "cve": "CVE-2024-7254", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Uncontrolled Recursion", "title": "CWE-674" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-7254", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7254.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "baseScore": 8.2, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-7254" }, { "cve": "CVE-2024-9143", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-9143", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json" } ], "title": "CVE-2024-9143" }, { "cve": "CVE-2024-11053", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-11053", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "baseScore": 9.1, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-11053" }, { "cve": "CVE-2024-11612", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Loop with Unreachable Exit Condition ('Infinite Loop')", "title": "CWE-835" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-11612", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11612.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-11612" }, { "cve": "CVE-2024-25710", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition ('Infinite Loop')" }, "notes": [ { "category": "other", "text": "Loop with Unreachable Exit Condition ('Infinite Loop')", "title": "CWE-835" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-25710", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "baseScore": 8.1, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-25710" }, { "cve": "CVE-2024-28168", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "notes": [ { "category": "other", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-28168", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28168.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-28168" }, { "cve": "CVE-2024-29857", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-29857", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29857.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-29857" }, { "cve": "CVE-2024-38476", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "other", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "other", "text": "Inclusion of Functionality from Untrusted Control Sphere", "title": "CWE-829" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-38476", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-38476" }, { "cve": "CVE-2024-40896", "cwe": { "id": "CWE-611", "name": "Improper Restriction of XML External Entity Reference" }, "notes": [ { "category": "other", "text": "Improper Restriction of XML External Entity Reference", "title": "CWE-611" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-40896", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40896.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-40896" }, { "cve": "CVE-2024-47072", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Stack-based Buffer Overflow", "title": "CWE-121" }, { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-47072", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47072.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-47072" }, { "cve": "CVE-2024-47554", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-47554", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-47554" }, { "cve": "CVE-2024-47561", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-47561", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-47561" }, { "cve": "CVE-2024-50602", "cwe": { "id": "CWE-404", "name": "Improper Resource Shutdown or Release" }, "notes": [ { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "other", "text": "Improper Check for Unusual or Exceptional Conditions", "title": "CWE-754" }, { "category": "general", "text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-50602", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-50602.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-50602" }, { "cve": "CVE-2024-52046", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code ('Code Injection')" }, "notes": [ { "category": "other", "text": "Improper Control of Generation of Code ('Code Injection')", "title": "CWE-94" }, { "category": "other", "text": "Deserialization of Untrusted Data", "title": "CWE-502" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-52046", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-52046.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-52046" }, { "cve": "CVE-2024-56337", "cwe": { "id": "CWE-367", "name": "Time-of-check Time-of-use (TOCTOU) Race Condition" }, "notes": [ { "category": "other", "text": "Time-of-check Time-of-use (TOCTOU) Race Condition", "title": "CWE-367" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2024-56337", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-56337.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2024-56337" }, { "cve": "CVE-2025-23184", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "notes": [ { "category": "other", "text": "Uncontrolled Resource Consumption", "title": "CWE-400" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2025-23184", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-23184.json" } ], "title": "CVE-2025-23184" }, { "cve": "CVE-2025-24970", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "other", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "other", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2025-24970", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2025-24970" }, { "cve": "CVE-2025-27363", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] }, "references": [ { "category": "self", "summary": "CVE-2025-27363", "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-27363.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C/CR:H/IR:H/AR:H/MAV:N/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H", "baseScore": 8.1, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-2699078", "CSAFPID-1839842", "CSAFPID-2698989", "CSAFPID-1839864", "CSAFPID-2698967", "CSAFPID-1213401", "CSAFPID-1839938", "CSAFPID-2699074", "CSAFPID-2698998", "CSAFPID-2698997", "CSAFPID-1144680", "CSAFPID-1839896", "CSAFPID-1144604", "CSAFPID-1839897", "CSAFPID-1536644", "CSAFPID-1840030", "CSAFPID-1536288", "CSAFPID-1536278", "CSAFPID-1839872", "CSAFPID-1233360", "CSAFPID-39413", "CSAFPID-1210435", "CSAFPID-1210304", "CSAFPID-39412", "CSAFPID-1840014", "CSAFPID-1839982", "CSAFPID-2699125", "CSAFPID-1839988", "CSAFPID-1247956", "CSAFPID-2698948", "CSAFPID-2699057", "CSAFPID-1144910", "CSAFPID-1840006", "CSAFPID-1144911", "CSAFPID-1214253", "CSAFPID-317201", "CSAFPID-1232894", "CSAFPID-307786", "CSAFPID-1201529", "CSAFPID-2698985", "CSAFPID-1840028", "CSAFPID-2699064", "CSAFPID-2699044" ] } ], "title": "CVE-2025-27363" } ] }